making openssh work with chroot()'ed accounts?
mouring at etoh.eviladmin.org
mouring at etoh.eviladmin.org
Tue Sep 18 08:26:52 EST 2001
On Mon, 17 Sep 2001, James Ralston wrote:
[..]
>
> Is this the mess you were referring to, or was it something else?
>
Yes. Maintaining such machinery is nasty, IMHO.. =) But I tend to
deploy chroot() sparingly.
> Do you know of any reason why making sshd always call do_pam_session()
> wouldn't work? The pam_chroot module seems to do a good job, so it
> would seem to me that *not* stuffing that functionality into sshd
> would be the best course of action...
>
Sorry, I will not claim to understand PAM in some respects. I know that
PAM does not always act the same on every platform (Seems HP/UX vs Solaris
to be the major waring parties. =).
- Ben
More information about the openssh-unix-dev
mailing list