Testing wanted: OpenSSH 4.8

Damien Miller djm at mindrot.org
Sat Mar 15 09:20:21 EST 2008


On Fri, 14 Mar 2008, Jan-Frode Myklebust wrote:

> On 2008-03-13, Damien Miller <djm at mindrot.org> wrote:
> >
> > The highlights of this release are:
> >
> >   * Added chroot(2) support for sshd(8), controlled by a new option
> >     "ChrootDirectory". Please refer to sshd_config(5) for details, and
> >     please use this feature carefully. (bz#177 bz#1352)
> 
> I miss some documentation on this feature...
> 
> It seems to require:
> 
> 	UsePrivilegeSeparation no

No, it should not and does not on the platforms I have tested on. What
errors do you see when privsep is enabled?

> and maybe it's strongly adviceable to also use:
> 
> 	AllowTcpForwarding no
> 	X11Forwarding no
> 	PermitUserEnvironment no
> 	# and more ?

For some uses, sure.

-d


More information about the openssh-unix-dev mailing list