|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: bugtraq
t-swat.comDate: Wed Oct 24 2001 - 00:33:28 CDT
At 09:00 AM 22/10/2001, Charles Clancy wrote:
>On Sat, 20 Oct 2001, Postmaster wrote:
> > Does any body know to chroot openssh service ?
>
>Generally chroot defeats the purpose of OpenSSH. With
>OpenSSH/SSH/Telnet/rsh/etc, you want to be able to log in and use the
>system. For administrative purposes, it would be useless if root didn't
>have access to the file system. You might as well just shut off OpenSSH
>completely. If you're in a chroot-jail, there's not much you can
>administer except the OpenSSH daemon.
Personally, I find that there ARE times when I want the ability to provide
a chrooted SSH session.
One such example is providing a secure tunnel for port 1521 on the remote
box, without any other access to the machine at all. I can provide the
username/password into the chrooted environment thereby allowing the
tunnelled connection to be created.
This is the quick and dirty way I've handled this, but if someone has a
better way, I'd love to hear about it.
...jeff
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]