Erinevus lehekülje "Openssh chroot" redaktsioonide vahel
Allikas: Kuutõrvaja
| 1. rida: | 1. rida: | ||
| + | '''Linux''' | ||
| + | |||
http://www.howtoforge.com/chrooted_ssh_howto_debian_p2 | http://www.howtoforge.com/chrooted_ssh_howto_debian_p2 | ||
| 8. rida: | 10. rida: | ||
make install | make install | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Redaktsioon: 27. veebruar 2008, kell 16:34
Linux
http://www.howtoforge.com/chrooted_ssh_howto_debian_p2
fetch http://chrootssh.sourceforge.net/download/openssh-4.2p1-chroot.tar.gz tar -xf openssh-4.2p1-chroot.tar.gz cd openssh-4.2p1-chroot ./configure make make install
FreeBSD
/usr/ports/security/openssh-portable
[X] OPENSSH_CHROOT Enable CHROOT support
- mkdir /home/chroot
- cd /home/chroot
- mkdir bin home lib
- mkidir home/kasutaja
- cp /bin/csh /home/chroot/bin
- mkdir libexec
- cp /libexec/ld-elf.so.1 /usr/home/chroot/libexec/
Juhul kui vaja ,et toimiksid ka programmid naug ssh vaja tekitada vajalikud dev failid ja kaust dev vajalike seadmetega
- ldd /bin/csh
/bin/csh:
libncurses.so.7 => /lib/libncurses.so.7 (0x280c6000)
libcrypt.so.4 => /lib/libcrypt.so.4 (0x28109000)
libc.so.7 => /lib/libc.so.7 (0x28122000)
- cp /lib/libncurses.so.7 /home/chroot/lib
- cp /lib/libcrypt.so.4 /home/chroot/lib
- cp /lib/libc.so.7 /home/chroot/lib
Installiks saab kasutada ka j2rgnevat skripti
CHROOT="/usr/home/chroot"
APPS="/bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh"
for prog in $APPS; do
cp $prog $CHROOT/bin
ldd $prog > /dev/null
if [ "$?" = 0 ] ; then
LIBS=`ldd $prog | awk '{ print $3 }'`
cp $LIBS $CHROOT/lib
fi
done
Teeme kasutaja nimega kasutaja
tema kodukaustaks /home/jail/./home/kasutaja
ja shelliks /bin/csh
