
Like a virtual host declaration at a web server, I'd like to control sshd when a connection with a certain domain name gets established. That is, multiple domain names point to the sshd machine, which has only a single IP address.

Is it possible at all? The following doesn't seem to work:

```
Match Host some-domain.com
  ChrootDirectory /some/dir
```

If I connect from my local machine with `ssh some-domain.com` I'm not rooted to `/some/dir`.

Can it be done anyhow? According to this (old) question and its answers it is not possible...

robsch
  • That hasn't changed and is unlikely to do so. – Gerald Schneider Oct 14 '20 at 10:16
  • @GeraldSchneider Thanks for the link that I've already provided ;-) I'm wondering if anything might have changed. E.g. with that 'rdomain' setting, which I don't understand. And I don't know what the 'Match Host' stands for... – robsch Oct 14 '20 at 11:03
  • `Match Host` is an SSH client side directive. – Tero Kilkanen Oct 14 '20 at 17:32
  • @TeroKilkanen Really? The [man page](https://man.openbsd.org/sshd_config#Match) of sshd_config doesn't contain that information. – robsch Oct 15 '20 at 06:51
  • It doesn't make any sense on the server side, since the SSH server cannot know what the domain name resolved before connecting to the server's IP. The documentation could be better. `rdomain` is an OpenBSD-specific construct for multiple network spaces in the kernel, and is unrelated to your question. – Tero Kilkanen Oct 15 '20 at 19:36
  • @TeroKilkanen If you are sure, you could create an official answer for my question. – robsch Oct 16 '20 at 06:40

0 Answers