SSH Chroot FreeBSD 10.1 and 10.2
Brandon Allbery
allbery.b at gmail.com
Sat Aug 22 15:01:58 UTC 2015
On Sat, Aug 22, 2015 at 10:54 AM, Rainer Duffner <rainer at ultra-secure.de>
wrote:
> I found it’s much easier to have actual chroot’ed ssh users once the users
> themselves are in an LDAP-directory.
> Also, for doing anything useful on that shell, it turned out you need a
> some more devices in /dev than the usual chroot (like a chroot’ed PHP-FPM,
> that just needs the dev-set of jail(4)).
> And a couple of symlinks.
>
Yep; chroots are always a pain to deal with. I have seen utilities to
manage them, but only for Linux.
--
brandon s allbery kf8nh sine nomine associates
allbery.b at gmail.com ballbery at sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.net
More information about the freebsd-stable
mailing list