Erinevus lehekülje "Openssh chroot" redaktsioonide vahel

10. rida: 10. rida:
  
  
/usr/local/sbin/sshd -t -f /usr/local/etc/sshd_config
+
/usr/local/sbin/sshd -t -f /usr/local/etc/sshd_config
  
  
#!/bin/sh
+
#!/bin/sh
mkdir /home/chroot/
+
mkdir /home/chroot/
mkdir /home/chroot/home/
+
mkdir /home/chroot/home/
cd /home/chroot
+
cd /home/chroot
mkdir etc
+
mkdir etc
mkdir bin
+
mkdir bin
mkdir lib
+
mkdir lib
mkdir usr
+
mkdir usr
mkdir usr/bin
+
mkdir usr/bin
mkdir dev
+
mkdir dev
mknod dev/null c 1 3
+
mknod dev/null c 1 3
mknod dev/zero c 1 5
+
mknod dev/zero c 1 5
 
+
APPS="/bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh"
+
APPS="/bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh"
for prog in $APPS;  do
+
for prog in $APPS;  do
        cp $prog ./$prog
+
        cp $prog ./$prog
 
+
        # obtain a list of related libraries
+
        # obtain a list of related libraries
        ldd $prog > /dev/null
+
        ldd $prog > /dev/null
        if [ "$?" = 0 ] ; then
+
        if [ "$?" = 0 ] ; then
                LIBS=`ldd $prog | awk '{ print $3 }'`
+
                LIBS=`ldd $prog | awk '{ print $3 }'`
                for l in $LIBS; do
+
                for l in $LIBS; do
                        mkdir -p ./`dirname $l` > /dev/null 2>&1
+
                        mkdir -p ./`dirname $l` > /dev/null 2>&1
                        cp $l ./$l
+
                        cp $l ./$l
                done
+
                done
        fi
+
        fi
done
+
done
  
  

Redaktsioon: 27. veebruar 2008, kell 15:50

http://www.howtoforge.com/chrooted_ssh_howto_debian_p2

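# Download, verify, build and install the chroot-patched OpenSSH 4.2p1.
#
# The tarball is fetched over plain HTTP and the result is installed as root,
# so it is compared against a digest obtained through a separate trusted
# channel before it is unpacked. The steps are chained with && so a failed
# download, a digest mismatch or a failed build stops before "make install".
#
# NOTE(review): newer OpenSSH releases have a built-in ChrootDirectory option
# in sshd_config, which makes a third-party patched build unnecessary.
EXPECTED_SHA256='<PLACEHOLDER: SHA-256 of openssh-4.2p1-chroot.tar.gz from a trusted source>'

fetch http://chrootssh.sourceforge.net/download/openssh-4.2p1-chroot.tar.gz &&
  [ "$(sha256 -q openssh-4.2p1-chroot.tar.gz)" = "$EXPECTED_SHA256" ] &&
  tar -xf openssh-4.2p1-chroot.tar.gz &&
  cd openssh-4.2p1-chroot &&
  ./configure &&
  make &&
  make install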


# Test mode (-t): check the configuration file named with -f, and the host
# keys, for validity without starting the daemon. Run it after every edit of
# sshd_config so a broken file is caught before sshd is restarted.
/usr/local/sbin/sshd -t -f /usr/local/etc/sshd_config


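#!/bin/sh
# Populate a minimal chroot tree under /home/chroot: directory skeleton,
# /dev/null and /dev/zero, a fixed list of binaries, and the shared libraries
# those binaries are linked against. Must run as root (mknod requires it).
#
# The tree should stay owned by root and not be writable by the jailed
# accounts; umask 022 keeps everything created here from being group- or
# world-writable.

CHROOT=/home/chroot
umask 022

mkdir -p "$CHROOT/home" || exit 1
# Stop if the cd fails: every path below is relative, so continuing would
# create directories and device nodes in whatever directory we started from.
cd "$CHROOT" || exit 1
mkdir -p etc bin lib usr/bin dev || exit 1

# Only these two character devices are created. 1,3 and 1,5 are the Linux
# major/minor numbers for null and zero.
[ -e dev/null ] || mknod dev/null c 1 3
[ -e dev/zero ] || mknod dev/zero c 1 5
# mknod applies the umask, which would leave the nodes unwritable for
# non-root users inside the jail.
chmod 666 dev/null dev/zero

# Keep this list as short as possible: every binary copied in widens what a
# jailed account can do (/usr/bin/ssh, for example, allows outbound
# connections from inside the jail).
APPS="/bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh"
for prog in $APPS; do
        mkdir -p ".$(dirname "$prog")"
        cp "$prog" ".$prog" || { echo "cannot copy $prog" >&2; continue; }

        # Obtain the list of related libraries. ldd exits non-zero for
        # binaries that are not dynamically linked; those need no libraries.
        # ldd should only ever be pointed at trusted system binaries.
        if ldd "$prog" > /dev/null; then
                # Take every absolute path in the ldd output rather than
                # field 3 only: the dynamic loader line has no "=>" part,
                # and without the loader nothing in the chroot can start.
                LIBS=$(ldd "$prog" | awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }')
                for l in $LIBS; do
                        mkdir -p ".$(dirname "$l")"
                        cp "$l" ".$l"
                done
        fi
done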


FreeBSD

/usr/ports/security/openssh-portable

[X] OPENSSH_CHROOT  Enable CHROOT support