Bug 148093 - Chrooted SFTP (net-misc/openssh)
Summary: Chrooted SFTP (net-misc/openssh)
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server
Hardware: All All
Importance: High enhancement
Assignee: Gentoo's Team for Core System packages
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-09-18 10:36 UTC by Elvis Pranskevichus
Modified: 2006-09-18 14:11 UTC

See Also:
Package list:
Runtime testing required: ---


Attachments
SFTP chroot patch (sftp-chroot.patch,7.61 KB, patch)
2006-09-18 10:39 UTC, Elvis Pranskevichus
Slightly improved version of the sftpchroot patch (openssh-4.3_p2-sftpchroot.patch,2.74 KB, patch)
2006-09-18 13:37 UTC, Elvis Pranskevichus
openssh ebuild patch to support the sftpchroot USE flag (openssh-4.3_p2-sftpchroot.ebuild.patch,1.44 KB, patch)
2006-09-18 13:41 UTC, Elvis Pranskevichus

Description Elvis Pranskevichus 2006-09-18 10:36:31 UTC
The net-misc/openssh package has a 'chroot' USE flag that applies a patch making sshd chroot on login. This approach is not very convenient because you have to set up the chroot environment for it to work. Since (IMHO) chroot for ssh is mainly used for chrooted sftp, I think that it is more reasonable to patch sftp-server itself. When set as a user's shell, it can freely chroot without the need for a prepared environment. So I propose the addition of a 'chroot_sftp' USE flag that will apply the following patch.
Comment 1 Elvis Pranskevichus 2006-09-18 10:39:19 UTC
Created attachment 97348
SFTP chroot patch

This is a slightly modified version of a patch found at http://web.archive.org/web/20040608153223/coding-zone.com/chroot+sftp-server.patch. 
Works perfectly for me.
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2006-09-18 11:06:11 UTC
Why don't you use net-misc/scponly for this?
Comment 3 Elvis Pranskevichus 2006-09-18 11:40:25 UTC
(In reply to comment #2)
> Why don't you use net-misc/scponly for this?
> 

Generally, I prefer to keep the list of apps I install on my servers short and trusted. But, anyways, thanks for the hint. I'll look into it.
Comment 4 Elvis Pranskevichus 2006-09-18 12:23:57 UTC
(In reply to comment #3)
> (In reply to comment #2)
> > Why don't you use net-misc/scponly for this?
> > 
> 
> Generally, I prefer to keep the list of apps I install on my servers short and
> trusted. But, anyways, thanks for the hint. I'll look into it.
> 

Well, scponly is no better than the original openssh 'chroot' hack. It's just a shell wrapper and thus requires a chroot environment. It's not an implementation of the SFTP server. Patching the original sftp-server, on the other hand, provides a lightweight solution to the problem (although it's somewhat of a hack).
Comment 5 Elvis Pranskevichus 2006-09-18 13:37:36 UTC
Created attachment 97359
Slightly improved version of the sftpchroot patch

Changelog: 
- Make sure that added code is consistently within #ifdef CHROOT
- Make a copy of getpwuid()->pw_dir before messing with it
- Don't include <syslog.h>, since the logging is done with internal helpers
- Move setuid check out of chroot_init function and clean it up a bit
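The sequence the changelog above alludes to (check that the binary actually runs as root, copy pw_dir before anything can clobber it, chroot, then drop the setuid privilege and verify the drop) written out as an added C example; this is not the attached patch, and the function names `sftp_chroot_to_home` / `sftp_home_is_acceptable` and the error codes are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <pwd.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <grp.h>

/* Assumed error codes for this example; the real server would log and exit. */
enum { SFTP_CHROOT_OK = 0, SFTP_CHROOT_ERR_NOT_ROOT, SFTP_CHROOT_ERR_NO_USER,
       SFTP_CHROOT_ERR_BAD_HOME, SFTP_CHROOT_ERR_CHROOT, SFTP_CHROOT_ERR_DROP };

/* Reject homes the server should never chroot into: NULL, empty, relative, or "/". */
int sftp_home_is_acceptable(const char *home)
{
    return home != NULL && home[0] == '/' && home[1] != '\0';
}

/* Chroot the setuid-root sftp-server into the real user's home, then drop to
 * that user for good. Order matters: chroot() needs root, the privilege drop
 * must come after it, and the drop must be verified before serving requests. */
int sftp_chroot_to_home(uid_t real_uid)
{
    if (geteuid() != 0)              /* the setuid check the changelog mentions */
        return SFTP_CHROOT_ERR_NOT_ROOT;
    struct passwd *pw = getpwuid(real_uid);
    if (pw == NULL)
        return SFTP_CHROOT_ERR_NO_USER;
    /* Copy pw_dir first: later libc calls may reuse getpwuid()'s static buffer. */
    char *home = strdup(pw->pw_dir);
    uid_t uid = pw->pw_uid;
    gid_t gid = pw->pw_gid;
    if (home == NULL || !sftp_home_is_acceptable(home)) {
        free(home);
        return SFTP_CHROOT_ERR_BAD_HOME;
    }
    /* chdir("/") after chroot(), otherwise the cwd still points outside the jail. */
    if (chroot(home) != 0 || chdir("/") != 0) {
        free(home);
        return SFTP_CHROOT_ERR_CHROOT;
    }
    free(home);
    /* Drop supplementary groups, then gid, then uid; uid last so the others can still succeed. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return SFTP_CHROOT_ERR_DROP;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (uid != 0 && setuid(0) == 0)
        return SFTP_CHROOT_ERR_DROP;
    return SFTP_CHROOT_OK;
}
```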
Comment 6 Elvis Pranskevichus 2006-09-18 13:41:01 UTC
Created attachment 97361
openssh ebuild patch to support the sftpchroot USE flag

Add sftpchroot USE flag, apply the patch and setuid the sftp-server binary. The patch is against openssh-4.3_p2-r1.ebuild.
Comment 7 SpanKY gentoo-dev 2006-09-18 14:11:08 UTC
openssh.org is the place to submit this