chroot support for ssh and sftp

Ryan Frantz ryanfrantz at
Sun Sep 23 07:10:40 EST 2007


I'm current running an older, patched version of OpenSSH with chroot
support (OpenSSH_4.2-chrootsshp1).  It's the chrootssh patch that James
Dennis has been providing.  I checked back lately and found that even
with the portable OpenSSH source currently at 4.7p1, James doesn't have
anything newer than 4.5p1.  I'd like to upgrade so I tried my hand at
implementing the patch in the 4.7p1 source.  Everything compiles just
fine and I even get a successful chroot for ssh sessions.  My problem is
that calls to the sftp-server subsystem fail miserably (and quietly).
Even with debugging turned on in the server and client, I still can't
get any decent output to start troubleshooting.

My questions are two-fold, then:

1. Are there plans to support chroot()'ing in the portable source?
2. What other chroot options are there available for the portable source
(I've seen Damien Miller's patch for OpenBSD, but I don't really have
any experience coding in C)?

Ryan Frantz
Senior System Engineer
InforMed, LLC
410-972-2025 x2131
ryanfrantz at

More information about the openssh-unix-dev mailing list