chroot + ssh concerns

Lev Lvovsky lists1 at sonous.com
Wed Dec 31 13:08:09 EST 2003 

Ben,

To be honest, I'm personally pushing for an unmodified-ssh way of doing 
things - it's the head of security here that would rather we patch ssh.

Can you be more specific as to why this is a better idea over patches?  
the "scponly" shell seems to satisfy our needs as well, but the issue 
of code auditing stands for both that, and rssh, so I need to come back 
with some good reasons.

thanks!
-lev

On Dec 30, 2003, at 5:43 PM, Ben Lindstrom wrote:

>
> You may want to consder: http://www.pizzashack.org/rssh/
>
> - Ben
>
> On Tue, 30 Dec 2003, Lev Lvovsky wrote:
>
>> Hello,
>>
>> I'm new to the list, but hopefully I've done enough digging around 
>> that
>> I don't get yelled at too terribly ;)
>>
>> We're looking to implement a chrooted environment for allowing users 
>> to
>> scp files from servers.  That's basically the only functionality that
>> we need in this case.  We're looking to chroot the user and/or remove
>> any chance that the account can login via ssh or local to the machine
>> an run any commands.  Essentially the idea is to create a dump/pickup
>> directory on the machines in question.
>>
>> In looking around, it seems that chroot has come up on this list
>> several times, and has been discussed ad nauseum on usenet.  In 
>> looking
>> at the archives, it seems that the patch for this has been removed 
>> from
>> the contrib section of the ssh source.
>>
>> While patches for chrooted ssh exist (chrootssh comes to mind), I've
>> also read the discussion here:
>>
>> http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102163541912823&w=2
>>
>> and am curious to get this groups take on possible solutions.
>>
>> 1.  does anyone have recommendations/warnings about applying the
>> securessh patch?  The two main problems I see are code auditting
>> (which, while I understand C, I don't know the ssh source well enough
>> to understand the patch), as well as waiting on patches to newly
>> announced vulnerabilities.
>>
>> 2.  the other options that we have for this are "restricted bash"
>> (rbash), and the "scponly" shell - does anyone have any comments on
>> either of those two as more (or less) recommended than the chrootssh
>> patch?
>>
>> any other words of wisdom are very much appreciated!
>>
>> thanks,
>> -lev
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>>

More information about the openssh-unix-dev mailing list