> From: Victor <[email protected]> > > I'd like to see rpmforge look to update OpenSSH to 4.8p1 or later. > Reason is this version (from what I can determine) has the built-in ability > to Jail users to their home directory if you enabled SSH (IE: SFTP). > > But in the versions available in centos / rpm / epel they are all at 4.3 > something. > > Thanks in advance!
OpenSSH 5.2 compiles and runs just fine, backported from Fedora 12. And a number of companies, such as Centrify, provide updated OpenSSH for various RHEL releases as part of kerberos enabled single-sign-on technologies: full Kerberized SSH wasn't available in OpenSSH 4.8. I've not tried the chroot caging of shells in *years*, though. The way I used to do it involved some patches the OpenSSH authors absolutely refused to accept, and also involved building the necessary libraries for the ssh tools inside the chrooted directory, and setting the user's $HOME directory setting with a "/./" in it at the base of the chroot environment. Lord, that's reaching back a way. One approach is described at http://blog.wanderinglost.ca/?p=9, which seems familiar in its approach and might be worth checking for you. I could send you my .spec file for backporting Fedora 12's version of OpenSSH, which seems to work but which I stopped pursuing after winding up with a Centrify binary. _______________________________________________ suggest mailing list [email protected] http://lists.rpmforge.net/mailman/listinfo/suggest
