[ale] chrooting SSH users?
Chris Ricker
kaboom at gatech.edu
Sun May 18 10:33:06 EDT 2003
On Sun, 18 May 2003, Raju wrote:
> Hi All,
> I want to setup up a (Redhat) box in the DMZ to allow ssh access only
> (shell accounts) which inturn will provide access to the lab I am
> building (Cisco). I wanna see if I can chroot ssh users. "Googling"
> yields more painful approaches, but was curious if anyone has done it
> before. Thanks:-)
use pam_chroot
Something like this in /etc/pam.d/sshd:
<snip non-session stuff>
session required pam_limits.so
session required pam_chroot.so onerr=fail
session optional pam_console.so
tells sshd to read the config file /etc/security/chroot.conf when users
authenticate.
In /etc/security/chroot.conf, put
user1 directory1
user2 directory2
user1 gets chrooted to directory1, user2 to directory2, user3 doesn't get
chrooted.
later,
chris
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list