[scponly] chroot functionality ...
Kaleb Pederson
kpederson at ewu.edu
Fri Mar 18 18:40:12 EST 2005
That would be nice, but a lot of trouble (if even possible) to get working on
AIX-5.2. Right now, I think I'm in as good of shape as possible, without
recompiling OpenSSH and statically linking it. My chroot currently looks
like:
# ldd /u03/upload/usr/local/libexec/sftp-server
/u03/upload/usr/local/libexec/sftp-server needs:
/usr/lib/libc.a(shr.o)
/unix
/usr/lib/libcrypt.a(shr.o)
Files:
# size, date, filename
21 2005-02-09 14:10 /unix -> /usr/lib/boot/unix_64
7161907 2005-01-04 13:22 /usr/ccs/lib/libc.a
10653527 2004-11-23 20:24 /usr/lib/boot/unix_64
19 2004-10-19 12:57 /usr/lib/libc.a -> /usr/ccs/lib/libc.a
10969 2004-09-30 12:15 /usr/lib/libcrypt.a
I'm not very familiar with AIX yet, so if someone has some tricks that are
likely to work, I'm open to suggestions.
Thanks.
--Kaleb
On Friday 18 March 2005 2:26 pm, you wrote:
> On Fri, Mar 18, 2005 at 01:17:08PM -0800, Kaleb Pederson wrote:
> > Ok. We currently have hundreds of users. Using scponly as delivered,
> > currently my only option is to setup a chroot per user. If, for example,
> > the required chroot is 18 megs (it is on one of my systems), this results
> > in gigabytes of storage space.
>
> [snip]
>
> 18 megs, per chroot?! My scponly chroot's are 228k in size. Fully
> functional. No complaints. Each user has their own chroot bla bla bla.
>
> Have you tried scpjailer[1]? This is what I use and have been using for
> a while now. Very good it is too.
>
> [1] http://tjw.org/scpjailer/
>
> Regards,
> David.
More information about the scponly
mailing list