1352 – (chroot) Chroot support for sshd

Bug 1352 (chroot) - Chroot support for sshd

Summary: Chroot support for sshd

Status:	CLOSED FIXED

Alias:	chroot

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	-current
Hardware:	All All

Importance:	P2 enhancement
Assignee:	Assigned to nobody

URL:
Keywords:	patch

Depends on:
Blocks:	V_4_8
	Show dependency tree / graph

Reported:	2007-08-10 13:30 AEST by Damien Miller
Modified:	2008-03-31 15:20 AEDT (History)
CC List:	0 users

See Also:

Attachments
ChrootDirectory for core OpenSSH (4.01 KB, patch) 2007-08-10 13:30 AEST, Damien Miller	no flags	Details \| Diff
ChrootDirectory for portable OpenSSH (4.77 KB, patch) 2007-08-10 13:31 AEST, Damien Miller	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Damien Miller 2007-08-10 13:30:57 AEST

Created attachment 1336 [details]
ChrootDirectory for core OpenSSH

This patch adds a ChrootDirectory option to optionally specify a directory to chroot(2) to after authentication in sshd.

Comment 1 Damien Miller 2007-08-10 13:31:45 AEST

Created attachment 1337 [details]
ChrootDirectory for portable OpenSSH

Comment 2 Damien Miller 2007-08-10 13:36:17 AEST

BTW this patch is intended for use with the recent "Match" sshd_config directive. For example:

Match group chroot_users
        ChrootDirectory /home/chroot/%u

Comment 3 Damien Miller 2008-02-10 22:50:58 AEDT

A newer version of this patch has just been committed, with additional support for an in-process sftp-server to avoid the need to configure the chroot with support files. This will be in openssh-4.8.

Comment 4 Damien Miller 2008-03-31 15:20:58 AEDT

Fix shipped in 4.9/4.9p1 release.