Quote:
Originally Posted by milo974
It works perfect.
|
Then you may have used chmod(1) or chown(8), or both, in order to provide rw access to /dev/pf. It is filemode 600 and owned by wheel:root in the default install.
Quote:
....is it enough in security?
|
It depends what you mean by the word
security. We don't know what you mean by the word, or what else you've done, or what you intend.
Example, if you allow password authentication, and SSH access is exposed to the Internet, then
I would consider your solution insecure. Others might think strong passwords are sufficient. Still more might recommend using a non-default port number. I wouldn't. But then, I don't know what you mean by "security."
Quote:
In my config, what is best way : use chroot or systrace?
|
I don't see how either would apply to shell commands.
First, ask yourself,
"What is it I wish to accomplish?" Once you have the answer,
then you can search for a technical solution, and ask for advice or best practice. Don't start with technical tools, and ask if they apply to an ill-defined solution.