openSSH hint: need help coding chroot script

Christoph R linux.daemon at gmx.de
Fri Mar 29 03:29:46 PST 2002


I want to allow a friend to copy files to an apache's virtual domain
document root dir
(lets assume /www/htdocs/subdomain.mydomain.com as the dir).
I thought using scp might be a good alternative to a complicated and
insecure 
ftp server setup. But I don't want him do see my files so I need to
chroot him.

The openSSH hint basicaly gives an overview of what needs to be done,
but I'm not 
a too advanced linuxuser (yet) and could need some help writing the
script.

Here is the extract form the openssh hint:

-- quote --
If you want to run sshd chrooted, you can write a simple program which
does the chroot to the user homedir, drops priviledges, cleans the env,
and
runs a shell. Install this chroot program suid root, add it to
/etc/shells,
and use it as the users shell. Don't forget to set up the chroot
environment
for the users in question (eg., sftp requires not only a bin/sh but also
the
sftp-server binary). You should also make sure that the user in question
does
not own anything in the chroot jail, and you might want to set the
immutable
bit on all the jail files if you are using a filesystem which supports
it
(man chattr).
-- end quote --

So, can anyone out there please help me write such a script and
translate the above
into linux commands?


Best regards, Chris
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-support' in the subject header of the message



More information about the lfs-support mailing list