| version 1.189, 2015/01/13 07:39:19 |
version 1.190, 2015/01/22 20:24:41 |
|
|
| Specifies the pathname of a directory to |
Specifies the pathname of a directory to |
| .Xr chroot 2 |
.Xr chroot 2 |
| to after authentication. |
to after authentication. |
| All components of the pathname must be root-owned directories that are |
At session startup |
| not writable by any other user or group. |
.Xr sshd 8 |
| |
checks that all components of the pathname are root-owned directories |
| |
which are not writable by any other user or group. |
| After the chroot, |
After the chroot, |
| .Xr sshd 8 |
.Xr sshd 8 |
| changes the working directory to the user's home directory. |
changes the working directory to the user's home directory. |
|
|
| inside the chroot directory on some operating systems (see |
inside the chroot directory on some operating systems (see |
| .Xr sftp-server 8 |
.Xr sftp-server 8 |
| for details). |
for details). |
| |
.Pp |
| |
For safety, it is very important that the directory heirarchy be |
| |
prevented from modification by other processes on the system (especially |
| |
those outside the jail). |
| |
Misconfiguration can lead to unsafe environments which |
| |
.Xr sshd 8 |
| |
cannot detect. |
| .Pp |
.Pp |
| The default is not to |
The default is not to |
| .Xr chroot 2 . |
.Xr chroot 2 . |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh