LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices

Reply
 
Search this Thread
Old 06-21-2010, 12:45 AM   #1
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
openssh 5.5, RHEL 5.4 (or centos 5), chroot jail


Hi,

I found several articles/walk through tutorials
that supposedly allow to set-up the built-in sftp
chroot jail of openssh in more recent versions
on the OSes mentioned above. While I managed to
compile and install the version with minor issues,
and also created a jail following instructions
that lets me connect via sftp into my jail, I
can't do anything in terms of file up-/download,
cd, ls ... all just gives me a permission denied.

I verified that SELinux is working but not stopping
the jailed user; from my perspective the ownerships
and perms on the jail directory are correct (only
root:root & 700), and the home under the jail owned
by the respective user.

Has anyone managed to get this to play? Would they
be willing to share the procedure?



Cheers,
Tink
 
Old 06-21-2010, 02:23 AM   #2
saifkhan123
Member
 
Registered: Apr 2009
Distribution: Red Hat/CentOS
Posts: 108

Rep: Reputation: 19
You mean you cant upload/download etc by using a root user too?
 
Old 06-21-2010, 01:40 PM   #3
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Original Poster
Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
That goes w/o saying. :}

You wouldn't want a) root ssh allowed or b) root in a chroot jail.


Cheers,
Tink
 
Old 06-24-2010, 10:31 AM   #4
alli_yas
Member
 
Registered: Apr 2010
Location: Johannesburg
Distribution: Fedora 14, RHEL 5.5, CentOS 5.5, Ubuntu 10.04
Posts: 559

Rep: Reputation: 92
Hi Tink,

Did you manually upgrade openssh - I know the standard openssh version on RHEL 5.5 (4.3 I think it is) doesn't support chroot jails - I've seen another thread where a user had a similar problem on CentOS 5.
 
Old 06-24-2010, 02:50 PM   #5
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Original Poster
Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
I did indeed. While the 4.8 available on EPEL supposedly
does have chroot jails it lacks a few features that can't
have been backported.

However, as far as I'm concerned the issue is resolved.
After weeks of farting around with it I stumbled upon one
tutorial that DIDN'T say the perms on the base chroot dir
need to be 0700, but 0755, and voila, it all works. *sigh*

It's a shame how much time I wasted ....


Cheers,
Tink
 
Old 06-25-2010, 02:34 AM   #6
alli_yas
Member
 
Registered: Apr 2010
Location: Johannesburg
Distribution: Fedora 14, RHEL 5.5, CentOS 5.5, Ubuntu 10.04
Posts: 559

Rep: Reputation: 92
Would you mind posting a few links to a few of the tutorials you used to set this up? I'd love to give it a shot - I'm hoping RHEL 6 is released with openssh 5 - and I'd then implement across the board on my servers.
 
Old 06-25-2010, 05:11 AM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Original Poster
Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
Will try to remember posting them when I'm back at work; don't have my
browser history here at home.

If there's nothing from me here by Tuesday tack a new post on ;}



Cheers,
Tink
 
Old 11-08-2010, 11:44 PM   #8
gattler
LQ Newbie
 
Registered: Nov 2010
Posts: 5

Rep: Reputation: 0
The Links?
 
Old 01-18-2012, 07:26 PM   #9
damang111
LQ Newbie
 
Registered: Sep 2010
Posts: 4

Rep: Reputation: 0
..

Quote:
Originally Posted by gattler View Post
The Links?
http://www.cyberciti.biz/tips/howto-...ail-setup.html

I have tested the above with sftp and working no problems for my clients.

works RHEL 5.4 and 5.7 .. there is lots of help in the comments for 64-bit versions.
 
  


Reply

Tags
chroot, jail, openssh, sftp


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenSSH 4.7+ chroot-ed SFTP and CentOS 5.3 iSpaZZZ^ Linux - Software 2 06-04-2010 09:51 AM
[SOLVED] chroot jail problem: 'empty' jail MatrixS_Master Linux - Security 4 03-27-2010 06:25 AM
id -un, whoami in OpenSSH built in jail function hijack204 Linux - Enterprise 4 07-28-2008 12:05 PM
chroot jail w/ openssh problems goillini Linux - Security 15 07-14-2008 04:49 PM
run postfix in a chroot jail in rhel 5 the_gripmaster Linux - Server 2 06-28-2007 01:16 PM


All times are GMT -5. The time now is 11:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration