Today I made our new server at work only let some people to use sftp on login, and made sftp-server chroot before running. This was on a RedHat 8.0 box.
First I downloaded the openssh source, using apt with the
command sudo apt-get source openssh. Then I tried to
run rpm -ba /usr/src/redhat/SPECS/openssh.spec, but
of course that didn't. After much poking around on google I found
that rpmbuild -ba would do the trick. That of course failed half
way thur, but I did poke into the openssh.spec file
and found out what options it passed to ./configure.
I unpacked the tarball myself, then ran ./configure
with the right options. Then I applied the
sftp-chroot.diff patch and did make
sftp-server. I copied that file to
/usr/libexec/openssh/sftp-server-chroot, and did
chmod +s /usr/libexec/openssh/sftp-server-chroot.
Then I edited /etc/passwd and added the magic chars
"/." to the users path, and changed their shell to
/usr/libexec/openssh/sftp-server-chroot. And it
worked.
Aug. 28, 2003 (5 years, 4 months ago)
