From 1fe64736e6d768c64774010591775e1b292863f2 Mon Sep 17 00:00:00 2001 From: Kevin Steves Date: Sat, 19 Dec 2009 16:53:14 +0000 Subject: try to clarify ChrootDirectory pathname argument a bit; resulting from a question on openssh-unix-dev. ok jmc@ --- usr.bin/ssh/sshd_config.5 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'usr.bin/ssh/sshd_config.5') diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index 1ae8e0fb945..e622e0882db 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.112 2009/11/10 02:58:56 djm Exp $ -.Dd $Mdocdate: November 10 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.113 2009/12/19 16:53:13 stevesk Exp $ +.Dd $Mdocdate: December 19 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -183,16 +183,16 @@ are supported. The default is .Dq yes . .It Cm ChrootDirectory -Specifies a path to +Specifies the pathname of a directory to .Xr chroot 2 to after authentication. -This path, and all its components, must be root-owned directories that are +All components of the pathname must be root-owned directories that are not writable by any other user or group. After the chroot, .Xr sshd 8 changes the working directory to the user's home directory. .Pp -The path may contain the following tokens that are expanded at runtime once +The pathname may contain the following tokens that are expanded at runtime once the connecting user has been authenticated: %% is replaced by a literal '%', %h is replaced by the home directory of the user being authenticated, and %u is replaced by the username of that user. -- cgit v1.2.3