 |
Index for
Section 1 |
|
 |
Alphabetical
listing for S |
|
 |
Bottom of
page |
|
ssh-chrootmgr(1)
NAME
ssh-chrootmgr - Sets up chroot-ready environment for users
SYNOPSIS
ssh-chrootmgr [-h | -? | --help] [-n] [-q] [-v] [username]
OPTIONS
-h, -?, or --help
Displays help.
-n Displays what would happen, without executing the command. This is
particularly useful with the -v option.
-q Quiet mode. Displays errors only.
-v Displays verbose information.
DESCRIPTION
You use the ssh-chrootmgr command when you want the sshd daemon and the
sftp-server to enforce use of the ChRootUsers or ChRootGroups keywords in
the sshd2_config file. Using the ChRoot{Users,Groups} keywords allows you
to restrict users to their home directory. This requires, however, that you
use static builds (i.e., no shared libraries) of ssh-dummy-shell and sftp-
server.
The ssh-chrootmgr command tries to identify the user's home directory from
the /etc/passwd file. You can supply more than one username, in which case
all these accounts are processed. The ssh-chrootmgr command creates a bin
directory if it does not exist under the user's home directory, and copies
the static binaries of ssh-dummy-shell and sftp-server2 into this
directory. It also creates a symbolic link, sftp-server, in that directory
to point to the sftp-server2 binary.
After you enter the ssh-chrootmgr command, take the following steps:
1. Add the user names to the ChRootUsers keyword and group names to the
ChRootGroups keyword in the sshd2_config file.
2. Change the users' shell to /bin/ssh-dummy-shell in the /etc/passwd
file. After the chroot operation, the /bin directory is the bin
directory in the user's home directory, from the user's perspective.
LEGAL NOTICES
SSH is a registered trademark of SSH Communication Security Ltd.
SEE ALSO
Commands: ssh2(1) sshd2(8)
Files: sshd2_config(4)
|
Index for
Section 1 |
|
|
Alphabetical
listing for S |
|
 |
Top of
page |
|