ChrootDirectory on a per key basis

Jefferson Ogata Jefferson.Ogata at
Sat Oct 25 02:20:33 EST 2008

On 2008-10-24 02:36, Peter Stuge wrote:
> Teemu Ikonen wrote:
>> or even better, could a 'chrootdir' option be added to the
>> Authorized keys format?
> Yes. I think this will be the easiest to implement. Give it a shot.
> Infrastructure is in place also for passing a value from options in
> authorized_keys.

Uh, wouldn't that be a Very Bad Idea?

Adding Match support is one thing. Letting users specify their own
chroot location is something else entirely.

Jefferson Ogata <Jefferson.Ogata at>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at>
"Never try to retrieve anything from a bear."--National Park Service

More information about the openssh-unix-dev mailing list