http://bugzilla.novell.com/show_bug.cgi?id=518238 User anicka@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=518238#c1 Anna Bernathova <anicka@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |INVALID --- Comment #1 from Anna Bernathova <anicka@novell.com> 2009-08-17 11:10:48 MDT --- I believe that our wiki is wrong: The chroot directory IMHO does not have to be owned by root. Just skip the "chown root.root /home/$USERNAME;" and all goes fine. (You should also use ie. ChrootDirectory /home/%u instead of %h because the string substituted for %h is got from by getpwnam() and this function gets it from /etc/passwd, so you will end up in "/" instead of home.) I cannot find any security reason for making root owner of the chroot directory - while "/" is written in passwd and so you have no way to force system daemons to run your binaries, all should be OK. I will consult it with other people to make sure I am not wrong and if not, I will fix the wiki entry. But I think you can safely follow my advice. As this is a matter of permission settings, not an openssh bug, I am closing this as invalid. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.