-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On January 30, 2003 17:00 pm, Todd Lyons wrote: > J.P. Pasnak wrote on Thu, Jan 30, 2003 at 02:41:39PM -0600 : > > >> So would I... I had to give out two logins recently, and would > > >> have loved to > > >> be able to lock them in their directory.. > > >> I was hoping Todd would respond with some wisdom on this one.. > > >> :-) > > > > > > Due to the way that the privelege seperation in ssh works, I > > > don't know that it's possible. I realize that _anything_ is > > > possible if you put enough work into it, but it's going to > > > consume a lot of space. You might as well chroot the whole > > > distro. > > > > So you're saying my latest endevour, trying to get pam_chroot.so to > > work are fruitless? > > No, I'm not saying that because it just might work, regardless of my > ignorance. (I honestly hadn't thought about using pam to chroot it). > > Blue skies... Todd
pam_choot.so ended up generating errors whenever I attempted to assign something in chroot.conf, so I just ended up tightening down the directory permissions. Combine that with scponly and I think it's pretty secure now. Tks for all the advice everyone. - -- Live fast, die young, you're sucking up my bandwidth. - ------ J.P. Pasnak, CD CCNA [EMAIL PROTECTED] http://www.warpedsystems.sk.ca Kernel version: 2.4.20-2mdk Current Linux uptime: 34 days 23 hours 22 minutes. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+OboNBMRgzmzdk08RAtNaAJ9q2y8MirFcLwcy5zwpxjaQnGhX9QCgoi9F Y70pXSMsXCHHCiiFFlU1ZR4= =0oEr -----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
