Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ ssh-chrootmgr(1) — Tru64 UNIX 5.1b

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

ssh2(1)

sshd2(8)

sshd2_config(4)

ssh-chrootmgr(1)  —  Commands

NAME

ssh-chrootmgr − Sets up chroot-ready environment for users

SYNOPSIS

ssh-chrootmgr [−h | −? | −-help] [−n] [−q] [−v] [username]

OPTIONS

−h, −?, or −-help
Displays help.

−nDisplays what would happen but does not actually do any copies. Particularly useful with the −v option. 

−qDisplays errors. 

−vDisplays verbose information. 

DESCRIPTION

You use the ssh-chrootmgr command when you want the sshd daemon and the sftp-server to enforce use of the ChRootUsers or ChRootGroups keywords in the sshd2_config file. Using the ChRoot{Users,Groups} keywords allows you to restrict users to his or her own home directory. 

The ssh-chrootmgr command tries to identify the specified user’s home directory from the /etc/passwd file. You can supply more than one username, in which case all these accounts are processed.  The ssh-chrootmgr command creates a bin directory if it does not exist under the user’s home directory. It then copies ssh-dummy-shell and sftp-server2 to this directory and makes a symbolic link sftp-server in that directory to point to the sftp-server2 binary. 

After you enter the ssh-chrootmgr command:

     1.Add the user names to the ChRootUsers keyword and group names to the ChRootGroups keyword in the sshd2_config file. 

     2.Change the users’ shell to /bin/ssh-dummy-shell in the /etc/passwd file. After the chroot operation, the /bin directory is the bin directory in the user’s home directory, from the user’s perspective. 

LEGAL NOTICES

SSH is a registered trademark of SSH Communication Security Ltd. 

SEE ALSO

Commands: ssh2(1) sshd2(8)

Files: sshd2_config(4)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026