LinuxQuestions.org

NaCo 01-29-2009 02:31 AM

Chroot SSH problem: ssh working, not SFTP & SCP.
 
Hello community,

I have run a shell script to chroot SSH; this way users will not be able to browse directories and files outside of the jail.

The script can be found at:
http://www.fuschlberger.net/?lang=&n...&t=&dir=&c=&n=

After installation I am able to successfully SSH into my Fedora box from a remote XP host using PuTTY. Good! Chrooted SSH is working, but that is not the case for SFTP and SCP.

Using the same process with WinSCP results in failure.
Going after the logs I found out the following:

Jan 28 23:41:15 localhost sshd[5454]: Accepted password for testuser from 10.10.10.51 port 4385 ssh2
Jan 28 23:41:15 localhost sshd[5454]: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Jan 28 23:41:15 localhost sshd[5456]: subsystem request for sftp
Jan 28 23:41:15 localhost sudo: testuser : sorry, you must have a tty to run sudo ; TTY=unknown ; PWD=/home/chroot/home/testuser ; USER=root ; COMMAND=/usr/sbin/chroot /home/chroot /bin/su - testuser -c /usr/libexec/openssh/sftp-server
Jan 28 23:41:15 localhost sshd[5454]: pam_unix(sshd:session): session closed for user testuser

I cat my sudoers file and find an entry for this user at the end of the file:
testuser ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - testuser

I cannot figure it out though.
I lack knowledge editing this file.

Any help or suggestions will be appreciated.

Thank you
NaCo

alan_ri 01-31-2009 02:59 PM

You could try to change /bin/su - testuser to /bin/testuser. You gave testuser some root privileges with su -. It looks to me that that's what is "confusing" sftp.

slimm609 02-01-2009 01:12 AM

Quote:

Originally Posted by alan_ri (Post 3427555)
You could try to change /bin/su - testuser to /bin/testuser. You gave testuser some root privileges with su -. It looks to me that that's what is "confusing" sftp.

The su - testuser is trying to su to the account testuser.

OP.
You need to move some of the tty information inside of the chroot. I don't know how well that will work since they are devices, but it is worth a try.

NaCo 02-01-2009 02:23 AM

FIXED!
 
Thank you guys!


I got it to work. I just needed to change a setting in the sudoers configuration file; take a look at:

http://www.howtoforge.com/forums/showthread.php?t=30777

NaCo (AKA:angelito,angel,angelcool)
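
The "sorry, you must have a tty to run sudo" line in the log above is the message sudo writes when the sudoers option requiretty is in effect and the command has no terminal, which is the case for an sftp subsystem request. The following Python is an added example, not code from the thread (which does not say which setting was changed): it extracts such denials from a log and checks whether requiretty applies to a user in a sudoers text. The Defaults lines in the sample sudoers text are constructed assumptions, and the evaluation is simplified to literal user names.

```python
import re

# Constructed inputs: the sudo line quoted in the thread, and a sample sudoers
# text (the Defaults lines are assumptions; the last line is from the post).
LOG = (
    "Jan 28 23:41:15 localhost sshd[5456]: subsystem request for sftp\n"
    "Jan 28 23:41:15 localhost sudo: testuser : sorry, you must have a tty to run sudo ; "
    "TTY=unknown ; PWD=/home/chroot/home/testuser ; USER=root ; "
    "COMMAND=/usr/sbin/chroot /home/chroot /bin/su - testuser -c /usr/libexec/openssh/sftp-server\n"
)
SUDOERS_BEFORE = (
    "Defaults    requiretty\n"
    "testuser ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - testuser\n"
)
SUDOERS_AFTER = SUDOERS_BEFORE.replace(
    "testuser ALL", "Defaults:testuser !requiretty\ntestuser ALL")

DENIAL = re.compile(
    r"sudo: +(?P<user>\S+) : sorry, you must have a tty to run sudo ; "
    r"TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<runas>\S+) ; COMMAND=(?P<command>.+)$")
DEFAULTS = re.compile(r"^Defaults(?::(?P<users>\S+))?\s+(?P<opts>.+)$")


def tty_denials(log_text):
    """Return user, tty, pwd, runas and command for each sudo no-tty denial."""
    found = []
    for line in log_text.splitlines():
        match = DENIAL.search(line)
        if match:
            found.append(match.groupdict())
    return found


def requiretty_applies(user, sudoers_text):
    """Simplified evaluation: only `Defaults` and `Defaults:user[,user]` lines
    with literal user names are read, in file order, and the last match wins."""
    state = False  # sudo's built-in default for requiretty is off
    for raw in sudoers_text.splitlines():
        match = DEFAULTS.match(raw.strip())
        if not match:
            continue
        users = match.group("users")
        if users and user not in users.split(","):
            continue
        for opt in (o.strip() for o in match.group("opts").split(",")):
            if opt in ("requiretty", "!requiretty"):
                state = not opt.startswith("!")
    return state
```

Scoping the override to one user with Defaults:testuser leaves requiretty in force for every other account; edit the real file with visudo so a syntax error cannot lock sudo out.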


All times are GMT -5.