Testing wanted: OpenSSH 4.8
Damien Miller
djm at mindrot.org
Sat Mar 15 09:20:21 EST 2008
On Fri, 14 Mar 2008, Jan-Frode Myklebust wrote:
> On 2008-03-13, Damien Miller <djm at mindrot.org> wrote:
> >
> > The highlights of this release are:
> >
> > * Added chroot(2) support for sshd(8), controlled by a new option
> > "ChrootDirectory". Please refer to sshd_config(5) for details, and
> > please use this feature carefully. (bz#177 bz#1352)
>
> I miss some documentation on this feature...
>
> It seems to require:
>
> UsePrivilegeSeparation no
No, it should not and does not on the platforms I have tested on. What
errors do you see when privsep is enabled?
> and maybe it's strongly adviceable to also use:
>
> AllowTcpForwarding no
> X11Forwarding no
> PermitUserEnvironment no
> # and more ?
For some uses, sure.
-d
More information about the openssh-unix-dev
mailing list