Hi,
> I'd like to see rpmforge look to update OpenSSH to 4.8p1 or later.
> Reason is this version (from what I can determine) has the built-in ability
> to Jail users to their home directory if you enabled SSH (IE: SFTP).
>
> But in the versions available in centos / rpm / epel they are all at
> 4.3 something.
The last openssh version I have:
openssh-4.3p2-36.el5_4.2.i386
Supports it (from the man page):
ChrootDirectory
Specifies a path to chroot(2) to after authentication. This
path, and all its components, must be root-owned directories that
are not writable by any other user or group.
The path may contain the following tokens that are expanded at
runtime once the connecting user has been authenticated: %% is
replaced by a literal \u2019%\u2019, %h is replaced by the home
directory
of the user being authenticated, and %u is replaced by the user-
name of that user.
The ChrootDirectory must contain the necessary files and directo-
ries to support the users\u2019 session. For an interactive
session
this requires at least a shell, typically sh(1), and basic /dev
nodes such as null(4), zero(4), stdin(4), stdout(4), stderr(4),
arandom(4) and tty(4) devices. For file transfer sessions using
\u201csftp\u201d, no additional configuration of the environment
is neces-
sary if the in-process sftp server is used (see
\u201cinternal-sftp\u201d
will force the use of an in-process sftp server that requires no
support files when used with ChrootDirectory. Subsystem for
details).
The default is not to chroot(2).
Regards,
Michael.
> Thanks in advance!
>
> --
> Victor ('Daworm')
> * Melbourne Wireless Node: KDJ & KDT
> * Natural Selection 2 Wiki Sysop
> (http://www.unknownworlds.com/ns2/wiki/) * AoCWiki Sysop
> (http://aoc.wikia.com/) * Twitter: @dawormie
------- End of Original Message -------
_______________________________________________
suggest mailing list
[email protected]
http://lists.rpmforge.net/mailman/listinfo/suggest
