LinuxQuestions.org
Old 11-16-2004, 09:32 AM   #1
slug420
Member
 
Registered: Jul 2004
Posts: 68

Rep: Reputation: 15
Unable to get shell when using SSH/CHROOT/PAM_TACPLUS


Having some trouble with CHROOT/PAM. I am able to log in to my SuSE box (ssh) and have my authentication handed off to TACACS via PAM and then open a CHROOTed shell, but another user, with identical settings as far as I can tell, cannot. He logs in, the authentication succeeds according to /var/log/messages and the tacacs server, but he is not given a shell and the connection immediately closes.

Here are some config files in case they help

tail of /var/log/messages
Code:
Nov 16 10:17:11 linux sshd[12716]: pam_sm_authenticate: called (pam_tacplus v1.2.9)
Nov 16 10:17:11 linux sshd[12716]: pam_sm_authenticate: user [linc] obtained
Nov 16 10:17:11 linux sshd[12716]: tacacs_get_password: called
Nov 16 10:17:14 linux sshd[12716]: tacacs_get_password: obtained password [p4Ss0R!]
Nov 16 10:17:14 linux sshd[12716]: pam_sm_authenticate: pass [p4Ss0R!] obtained
Nov 16 10:17:14 linux sshd[12716]: pam_sm_authenticate: tty [ssh] obtained
Nov 16 10:17:14 linux sshd[12716]: pam_sm_authenticate: trying srv 0
Nov 16 10:17:14 linux sshd[12716]: pam_sm_authenticate: exit
Nov 16 10:17:14 linux sshd[12714]: Accepted keyboard-interactive/pam for giulinc from ::ffff:10.1.1.2 port 3448 ssh2

/etc/security/chroot.conf
Code:
# /etc/security/chroot.conf
# format:
# username      chroot_dir
#foo    /home/foo
user1 /home/vnc/./monkeys
linc /home/vnc/./monkeys
# Or, if you've specified use_regex,
# username_regex        chroot_dir
#^bar.*         /home/bar

home dir:
Code:
linux:/home/vnc/monkeys # pwd; ls -al
/home/vnc/monkeys
total 1
drwxr-xr-x   7 root root 192 2004-08-10 15:41 .
drwxr-xr-x  10 root root 240 2004-08-10 15:41 ..
drwxr-xr-x   2 root root 120 2004-08-10 15:41 bin
drwxr-xr-x   2 root root  96 2004-08-10 15:41 dev
drwxr-xr-x   2 root root  96 2004-08-10 15:41 etc
drwxr-xr-x   3 root root  72 2004-08-10 15:41 home
drwxr-xr-x   3 root root 600 2004-08-10 15:41 lib
lrwxrwxrwx   1 root root   4 2004-08-10 15:41 sh -> bash
linux:/home/vnc/monkeys #

excerpts from /etc/passwd:
Code:
user1:x:1004:100::/:/bin/bash
linc:x:1011:100::/:/bin/bash

Not sure what else is relevant.

Thanks in advance for any advice
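
A consistency check built on the chroot.conf and /etc/passwd formats posted above, added here as an example and not part of the original post: for each active chroot.conf entry it verifies that the login shell and home directory named in the passwd file exist inside the jail. The function names are hypothetical, and it assumes plain `username chroot_dir` lines (no `use_regex`) and that the shell path is resolved inside the jail once the chroot has been applied.

```shell
#!/bin/sh
# Added example (not from the thread). For every active entry in a
# pam_chroot-style chroot.conf, check that the jail can start the login
# shell and reach the home directory named in the passwd file.
# Assumption: plain "username chroot_dir" entries, no use_regex patterns.

# passwd_field USER FIELD_NO PASSWD_FILE -> prints that field for USER
passwd_field() {
    awk -F: -v u="$1" -v n="$2" '$1 == u { print $n; exit }' "$3"
}

# check_jails CHROOT_CONF PASSWD_FILE
# Prints one line per entry; the return status is the number of failures.
check_jails() {
    conf=$1 passwd=$2 bad=0
    while read -r user jail _rest || [ -n "$user" ]; do
        case $user in ''|'#'*) continue ;; esac   # skip blanks and comments
        shell=$(passwd_field "$user" 7 "$passwd")
        home=$(passwd_field "$user" 6 "$passwd")
        if [ -z "$shell" ]; then
            echo "FAIL $user: no entry in $passwd"
        elif [ ! -d "$jail" ]; then
            echo "FAIL $user: jail $jail is not a directory"
        elif [ ! -f "$jail$shell" ] || [ ! -x "$jail$shell" ]; then
            echo "FAIL $user: $shell missing or not executable inside $jail"
        elif [ ! -d "$jail$home" ]; then
            echo "FAIL $user: home $home missing inside $jail"
        else
            echo "OK   $user: $jail$shell"
            continue
        fi
        bad=$((bad + 1))
    done < "$conf"
    return "$bad"
}

# Typical call on the host, as root:
#   check_jails /etc/security/chroot.conf /etc/passwd
```

A passing result does not cover the shared libraries a dynamically linked shell needs under the jail's lib directory, and a shell that is an absolute symlink is resolved against the host rather than the jail.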
 
  


All times are GMT -5. The time now is 04:47 PM.
