Comments on Chrooted SSH HowTo
Chrooted SSH HowTo This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.
5 Comment(s)
Comments
instead of running make install on your debian system try using checkinstall command that way you can uninstall easily.
I looked for a shared system solution several months ago and gave up on ssh after a few attempts. By the time I added enough programs to be useful, I couldn't convince myself it was secure. lsof returns over 100 files, pipes, etc and I could not imagine a feasible way of assuring that injection in one of those couldn't lead to compromise.
For most environments, ftp is enough (my security is more important to me than user security). For the others, I permit only users I can reach with a baseball bat.
The chroot setup script didn't work on my Ubuntu 5.10 since the ldd output for some programs differed from what the script expected so i modified the script a bit. The improved version can be found here: http://hirvinen.dy.fi/chroot-setup.sh . Otherwise a nice howto. Thanks.
While http://chrootssh.sourceforge.net doesn't exists anymore a patch for the newer releases of OpenSSH can be found at: http://web.cybnet.ch/misc/opensource/openssh-5.2p1-chroot.patch
this wget http://chrootssh.sourceforge.net/download/openssh-4.2p1-chroot.tar.gz doesn't work for me, I get a 404 error.