LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 12-15-2010, 11:23 AM   #1
dreamline
LQ Newbie
 
Registered: Dec 2010
Posts: 2

Rep: Reputation: 0
Chroot acess with ssh and sftp problem


Hi All,
I'm new to the forum so a big hi to you all. Anyways now onwards to my problem: I followed the following instruction Chrooted SSH/SFTP Tutorial (Debian Etch) and was able to create a chrooted ssh connection. However as soon as I added these lines to sshd_config I was not able to connect to SSH but was able to connect with SFTP:

Match User tstuser
ChrootDirectory /home/cage/ or /home/cage/home or /home/cage/home/tstuser
X11Forwarding no
AllowTCPForwarding no

I have tried about anything and did hours of reading on the internet (also this forum), but came up with no solution for my problem. The problem is as soon as I add the ChrootDirectory Directive my ssh and sftp connection both stop working when logging in. As soon as I use the last ChrootDirectory directive (/home/cage/home/tstuser) then I can login using sftp but can't login using ssh. I've also set the sftp server to internal but no difference.

What am I missing here? I can't seem to get it right. I hope someone experienced a similar problem and found a solution. Any help is welcome. I used a script to create the chroot environment following the instructions.

Regards,
Dreamline

Last edited by dreamline; 12-16-2010 at 07:34 AM.
 
Old 12-15-2010, 11:41 AM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
You neglected to provide a link to the instructions that you used.

Nevertheless the first thing that comes to mind is that the chroot jail does not have the necessary ssh software or some other software is missing from the jail.
 
Old 12-15-2010, 07:32 PM   #3
dreamline
LQ Newbie
 
Registered: Dec 2010
Posts: 2

Original Poster
Rep: Reputation: 0
Oh sorry. Here's the instructions I followed: [URL="http://www.howtoforge.com/chroot_ssh_sftp_debian_etch"].
I also checked the sftp software and sft-server bin is at the jailroot where it should be. So I don't have a clue what I'm missing.

Edit: I think I solved my problem. I ran the script make_chroot_jail.sh with only the user option. In that case /bin/chroot-shell is added in /etc/passwd. When I ran the script with the /bin/bash option everything works and I am locked in my homedir when using Putty and when using SFTP. Even the sshd_config entry for ChrootDirectory works now.

Thanks for helping though..

Last edited by dreamline; 12-16-2010 at 02:58 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
chroot sftp/ssh fails on shell Kanon Linux - Security 5 09-17-2009 09:58 AM
Chroot SSH problem: ssh working, not SFTP & SCP. NaCo Linux - Security 3 02-01-2009 03:23 AM
chroot ssh/sftp on SuSE 9.2 Pro ctb123 Linux - Security 3 06-27-2006 09:45 AM
rssh/sftp chroot problem julz_51 Linux - Security 1 11-01-2005 04:50 PM
Restrict ssh/sftp with chroot? Chowroc Linux - Networking 4 01-25-2005 11:48 AM


All times are GMT -5. The time now is 04:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration