From owner-freebsd-security  Fri Jan  3 13:16:32 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 036F237B401
	for <security@freebsd.org>; Fri,  3 Jan 2003 13:16:30 -0800 (PST)
Received: from jack.clarksys.com (jack.clarksys.com [64.70.36.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 70ED743ED1
	for <security@freebsd.org>; Fri,  3 Jan 2003 13:16:29 -0800 (PST)
	(envelope-from max@clarksys.com)
Received: (qmail 81950 invoked by uid 504); 3 Jan 2003 21:15:51 -0000
Received: from [209.101.124.143] (HELO minimax) (209.101.124.143) by jack.clarksys.com (qpsmtpd/0.11-dev) with SMTP; 2003-01-03 21:15:48Z
From: "Max Clark" <max@clarksys.com>
To: <security@freebsd.org>
Subject: Shell access in chroot?
Date: Fri, 3 Jan 2003 13:16:27 -0800
Message-ID: <004f01c2b36d$612ecf20$4400060a@minimax>
MIME-Version: 1.0
Content-Type: text/plain;	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2616
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Importance: Normal
X-Spam-Check-By: jack.clarksys.com
X-Spam-Status: No, hits=3.1 required=5.0 tests=CARRIAGE_RETURNS,INVALID_MSGID,SPAM_PHRASE_00_01 version=2.41
X-SMTPD: qpsmtpd/0.11-dev, http://develooper.com/code/qpsmtpd/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hi all,

I would like to set up a box and provide limited shell access to users.
Is there a way I could chroot a user on a ssh/telnet session like ftp?

If I were to give shell access to users, what kind of local security
hardening should I employ? Tips/Suggestions would be greatly
appreciated.

Thanks in advance,

Max



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message