PHWinfo - Afficher un message

07/11/2006, 19h39

I saw this problem posted on many places with no solution so far.

How can we chroot SFTP but NOT SSH sessions for the same user ?
I know it doesn't make sense but humor me, this is a requirement in
some enterprise environments with many generic apps IDs.

The session.c evaluates the type of connection in the function
session_input_channel_req which is called from serverloop.c by
server_input_channel_req.
However, this is all done way after chroot happens in the
do_setusercontext function.

so I'm trying to find a way to get the same at that level. I just need
a hint which is the first function to differentiate between sftp and
ssh in the openssh code and how to use it in session.c

Any will be much appreciated.

MJ

07/11/2006, 19h39	#1
mohamed.zubaidi@gmail.com Messages: n/a Hébergeur:	chroot SFTP ONLY I saw this problem posted on many places with no solution so far. How can we chroot SFTP but NOT SSH sessions for the same user ? I know it doesn't make sense but humor me, this is a requirement in some enterprise environments with many generic apps IDs. The session.c evaluates the type of connection in the function session_input_channel_req which is called from serverloop.c by server_input_channel_req. However, this is all done way after chroot happens in the do_setusercontext function. so I'm trying to find a way to get the same at that level. I just need a hint which is the first function to differentiate between sftp and ssh in the openssh code and how to use it in session.c Any will be much appreciated. MJ