Put Your OpenSSH Server in SSHjail

“Jailing is a mechanism to virtually change a system’s root directory. By employing this method, administrators can isolate services so that they cannot access the real filesystem structure. You should run unsecured and sensitive network services in a chroot jail, because if a hacker can break into a vulnerable service he could exploit your whole system. If a service is jailed, the intruder will be able to see only what you want him to see – that is, nothing useful. Some of the most frequent targets of attack, which therefore should be jailed, are BIND, Apache, FTP, and SSH. SSHjail is a patch for the OpenSSH daemon. It modifies two OpenSSH files (session.c and version.h) and allows you to jail your SSH service without any need for SSH reconfiguration.”

9 Comments

  1. xmv_ 2007-04-25 12:56 pm EST
    • dswain 2007-04-25 8:20 pm EST
  2. BTrey 2007-04-25 1:18 pm EST
    • prymitive 2007-04-25 1:33 pm EST
      • Doc Pain 2007-04-25 7:40 pm EST
    • nevali 2007-04-25 1:58 pm EST
    • JoeBuck 2007-04-25 7:09 pm EST
  3. antik 2007-04-25 1:39 pm EST
  4. ghen 2007-04-26 7:03 am EST