int use_dns;
int client_alive_interval; /*
* poke the client this often to
---- openssh-3.7.1p2/session.c 2003-09-23 10:59:08.000000000 +0200
-+++ openssh-3.7.1p2.pius/session.c 2003-10-07 20:49:08.000000000 +0200
-@@ -1231,6 +1231,10 @@
+--- openssh-4.0p1/session.c.orig 2005-03-06 12:38:52.000000000 +0100
++++ openssh-4.0p1/session.c 2005-03-10 15:14:04.000000000 +0100
+@@ -1258,6 +1258,10 @@
void
do_setusercontext(struct passwd *pw)
{
#ifndef HAVE_CYGWIN
if (getuid() == 0 || geteuid() == 0)
#endif /* HAVE_CYGWIN */
-@@ -1268,6 +1272,28 @@
- exit(1);
+@@ -1315,6 +1319,26 @@
+ restore_uid();
}
- endgrent();
-+
+ #endif
+#ifdef CHROOT
+ if (options.use_chroot) {
+ user_dir = xstrdup(pw->pw_dir);
+ new_root += 2;
+
+ if(chroot(user_dir) != 0)
-+ fatal("Couldn't chroot to user directory % s", user_dir);
++ fatal("Couldn't chroot to user directory %s", user_dir);
+ pw->pw_dir = new_root;
+ break;
+ }
+ }
+ }
+#endif /* CHROOT */
-+
# ifdef USE_PAM
/*
- * PAM credentials may take the form of supplementary groups.
+ * PAM credentials may take the form of supplementary groups.
--- openssh-3.7.1p2/sshd_config 2003-09-02 14:51:18.000000000 +0200
+++ openssh-3.7.1p2.pius/sshd_config 2003-10-07 20:49:08.000000000 +0200
@@ -71,6 +71,10 @@
--- openssh-3.7.1p2/sshd_config.0 2003-09-23 11:55:19.000000000 +0200
+++ openssh-3.7.1p2.pius/sshd_config.0 2003-10-07 20:49:08.000000000 +0200
@@ -349,6 +349,16 @@
- CAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de-
- fault is AUTH.
+ To disable TCP keepalive messages, the value should be set to
+ ``no''.
+ UseChroot
+ Specifies whether to use chroot-jail environment with ssh/sftp,
+ For this to work properly you have to create special chroot-jail
+ environment in a /path/to/chroot directory.
+
- UseDNS Specifies whether sshd should lookup the remote host name and
+ UseDNS Specifies whether sshd should look up the remote host name and
check that the resolved host name for the remote IP address maps
back to the very same IP address. The default is ``yes''.
---- openssh-3.7.1p2/sshd_config.5 2003-09-02 14:57:05.000000000 +0200
-+++ openssh-3.7.1p2.pius/sshd_config.5 2003-10-07 20:49:08.000000000 +0200
-@@ -580,6 +580,16 @@
+--- openssh-3.8p1/sshd_config.5.orig 2004-02-18 04:31:24.000000000 +0100
++++ openssh-3.8p1/sshd_config.5 2004-02-25 21:17:23.000000000 +0100
+@@ -552,6 +552,16 @@
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is AUTH.
+to whatever directory was before the . and continues with the normal ssh
+functionality. For this to work properly you have to create special chroot-jail
+environment in a /path/to/chroot directory.
- .It Cm UseDNS
- Specifies whether
- .Nm sshd
+ .It Cm TCPKeepAlive
+ Specifies whether the system should send TCP keepalive messages to the
+ other side.