OpenSSH 5.2 compiles and runs just fine, backported from Fedora 12.
And a number of companies, such as Centrify, provide updated OpenSSH
for various RHEL releases as part of kerberos enabled single-sign-on
technologies: full Kerberized SSH wasn't available in OpenSSH 4.8.

I've not tried the chroot caging of shells in *years*, though. The way
I used to do it involved some patches the OpenSSH authors absolutely
refused to accept, and also involved building the necessary libraries
for the ssh tools inside the chrooted directory, and setting the
user's $HOME directory setting with a "/./" in it at the base of the
chroot environment.

Lord, that's reaching back a way. One approach is described at
http://blog.wanderinglost.ca/?p=9, which seems familiar in its
approach and might be worth checking for you. I could send you my
.spec file for backporting Fedora 12's version of OpenSSH, which seems
to work but which I stopped pursuing after winding up with a Centrify
binary.

OpenSSH 5.2 compiles and runs just fine, backported from Fedora 12.
And a number of companies, such as Centrify, provide updated OpenSSH
for various RHEL releases as part of kerberos enabled single-sign-on
technologies: full Kerberized SSH wasn't available in OpenSSH 4.8.

I've not tried the chroot caging of shells in *years*, though. The way
I used to do it involved some patches the OpenSSH authors absolutely
refused to accept, and also involved building the necessary libraries
for the ssh tools inside the chrooted directory, and setting the
user's $HOME directory setting with a "/./" in it at the base of the
chroot environment.

Lord, that's reaching back a way. One approach is described at
http://blog.wanderinglost.ca/?p=9, which seems familiar in its
approach and might be worth checking for you. I could send you my
.spec file for backporting Fedora 12's version of OpenSSH, which seems
to work but which I stopped pursuing after winding up with a Centrify
binary.

OpenSSH 5.2 compiles and runs just fine, backported from Fedora 12.
And a number of companies, such as Centrify, provide updated OpenSSH
for various RHEL releases as part of kerberos enabled single-sign-on
technologies: full Kerberized SSH wasn't available in OpenSSH 4.8.

I've not tried the chroot caging of shells in *years*, though. The way
I used to do it involved some patches the OpenSSH authors absolutely
refused to accept, and also involved building the necessary libraries
for the ssh tools inside the chrooted directory, and setting the
user's $HOME directory setting with a "/./" in it at the base of the
chroot environment.

Lord, that's reaching back a way. One approach is described at
http://blog.wanderinglost.ca/?p=9, which seems familiar in its
approach and might be worth checking for you. I could send you my
.spec file for backporting Fedora 12's version of OpenSSH, which seems
to work but which I stopped pursuing after winding up with a Centrify
binary.

OpenSSH 5.2 compiles and runs just fine, backported from Fedora 12.
And a number of companies, such as Centrify, provide updated OpenSSH
for various RHEL releases as part of kerberos enabled single-sign-on
technologies: full Kerberized SSH wasn't available in OpenSSH 4.8.

I've not tried the chroot caging of shells in *years*, though. The way
I used to do it involved some patches the OpenSSH authors absolutely
refused to accept, and also involved building the necessary libraries
for the ssh tools inside the chrooted directory, and setting the
user's $HOME directory setting with a "/./" in it at the base of the
chroot environment.

Lord, that's reaching back a way. One approach is described at
http://blog.wanderinglost.ca/?p=9, which seems familiar in its
approach and might be worth checking for you. I could send you my
.spec file for backporting Fedora 12's version of OpenSSH, which seems
to work but which I stopped pursuing after winding up with a Centrify
binary.