Feature Request: Chroot Default Shell Escape
Konstantinos Pipinis
k.s.pipinis at gmail.com
Wed Jan 20 22:10:40 AEDT 2021
Dear developers,
The SSH daemon allows sftp connections (through internal-sftp) to a chroot
directory for specific users or groups. This prevents them from having
access with a regular ssh connection to their default terminal (as it
should prevent).
Yet, there are cases (as I had the need to implement) where a custom shell
(eg: used for system configurations) is provided for some users while
simultaneously the users had access only to their designated folder using
the chroot-sftp functionality (in order to download or upload configuration
files and logs).
I would suggest the option for the default shell (as set in passwd) to
escape chroot and execute as normal.
Thank you for your time and consideration. And of course for the amazing
project that is openssh.
Best regards,
Pipinis Konstantinos
PS: This is something I have already implemented and could implement for
the mainstream OpenSSH source.
More information about the openssh-unix-dev
mailing list