making openssh work with chroot()'ed accounts?

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Tue Sep 18 08:26:52 EST 2001



On Mon, 17 Sep 2001, James Ralston wrote:
[..]
>
> Is this the mess you were referring to, or was it something else?
>
Yes.  Maintaining such machinery is nasty, IMHO.. =)  But I tend to
deploy chroot() sparingly.

> Do you know of any reason why making sshd always call do_pam_session()
> wouldn't work?  The pam_chroot module seems to do a good job, so it
> would seem to me that *not* stuffing that functionality into sshd
> would be the best course of action...
>
Sorry, I will not claim to understand PAM in some respects.  I know that
PAM does not always act the same on every platform (Seems HP/UX vs Solaris
to be the major waring parties. =).

- Ben




More information about the openssh-unix-dev mailing list