This is a discussion on Re: ChrootDirectory on a per key basis - openssh ; Damien Miller wrote: > > > or even better, could a 'chrootdir' option be added to the > > > Authorized keys format? > > > > Yes. I think this will be the easiest to implement. Give it a ...
Damien Miller wrote:
> > > or even better, could a 'chrootdir' option be added to the
> > > Authorized keys format?
> >
> > Yes. I think this will be the easiest to implement. Give it a shot.
> > Infrastructure is in place also for passing a value from options in
> > authorized_keys.
>
> No, letting users chroot to arbitrary directories introduces
> serious security problems.
Thanks - this is an important point!
I was thinking about (and hope the OP did too) a case where
authorized_keys is not user writable, but always controlled by
the adminstrator.
//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev
