View Single Post
  #2   (View Single Post)  
Old 18th June 2008
anomie's Avatar
anomie anomie is offline
Local
 
Join Date: Apr 2008
Location: Texas
Posts: 445
Default

The security/openssh-portable port seems to support chrooted ssh.

Code:
> cd /usr/ports/security/openssh-portable
> make showconfig
===> The following configuration options are available for openssh-portable-5.0.p1,1:
     PAM=on (default) "Enable pam(3) support"
     TCP_WRAPPERS=on (default) "Enable tcp_wrappers support"
     LIBEDIT=on (default) "Enable readline support to sftp(1)"
     KERBEROS=on (default) "Enable kerberos (autodetection)"
     SUID_SSH=off (default) "Enable suid SSH (Recommended off)"
     GSSAPI=off (default) "Enable GSSAPI support (req: KERBEROS)"
     KERB_GSSAPI=off (default) "Enable Kerberos/GSSAPI patch (req: GSSAPI)"
     OPENSSH_CHROOT=off (default) "Enable CHROOT support"
     OPENSC=off (default) "Enable OpenSC smartcard support"
     OPENSCPINPATCH=off (default) "Enable OpenSC PIN patch"
     HPN=off (default) "Enable HPN-SSH patch"
     LPK=off (default) "Enable LDAP Public Key (LPK) patch"
     OVERWRITE_BASE=off (default) "OpenSSH overwrite base"
===> Use 'make config' to modify these settings
Alternatively, put your sshd daemon in a FBSD jail.
__________________
Kill your t.v.
Reply With Quote