chrooting/jailing transfer-only accounts

Sandor W. Sklar ssklar at
Sat May 25 00:57:55 EST 2002

At 6:20 PM -0500 5/23/02, Ben Lindstrom wrote:
>Why don't you just change the user's shell to /path/to/scpjail ?  By doing
>it this way you capture all subsystems, standard logins and remote
>commands by just reading the command line and looking at anything past
>the first -c.  I don't see a reason why one needs to use command="".

I'm not sure what practical difference that makes ... unless I'm 
missing something, doing so results in the scpjail script being 
passed the same values, and thus, resulting in the same problem.  It 
would also prevent other users from logging in to the account using a 
different key, or from other users "su"ing to the account.

>The other question is should SSH_ORIGINAL_COMMAND reflect subsystem calls?

That is not for me to answer.  I'm just looking for a solution to the 
problem I stated in the previous email.  Some people feel that this 
is a "trivial" problem that can be solved without adding code to 
OpenSSH.  If it is, I'm not smart enough to figure it out, and I 
haven't seen any examples of such a solution posted to the list.

   Sandor W. Sklar  -  Unix Systems Administrator  -  Stanford University ITSS
   Non impediti ratione cogitationis.

More information about the openssh-unix-dev mailing list