Date: Thu, 19 Oct 2017 11:44:04 -0600 From: JD <jd1008@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Two jail questions Message-ID: <59E8E464.2040205@gmail.com> In-Reply-To: <20171019173224.GA31648@troutmask.apl.washington.edu> References: <20171019173224.GA31648@troutmask.apl.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/19/2017 11:32 AM, Steve Kargl wrote: > 1) If an application (e.g., sshd) needs to reach the internet from a > jail, is it required to have the host system running pf (or other > packet filtering software)? > > 2) Suppose I have to classes of users on a system: normal users and > guest users. For normal users (including those that are members > of the wheel group), I would like those individuals to be able > to use ssh to connect to the host system. For guest users, I > want to isolate those users in a jailed environment. Thus, I'll > have sshd running in both the host and jail. How do I setup > such a scheme? > You might want to read https://access.redhat.com/solutions/284873 https://linuxconfig.org/how-to-automatically-chroot-jail-selected-ssh-user-logins
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?59E8E464.2040205>