LinuxQuestions.org


xilace 10-06-2006 01:41 PM

jailkit closes ssh session
 
First off, I'm using FC5 on a G4 Mac. I downloaded the latest jailkit from http://olivier.sessink.nl/jailkit/index.html

I have got everything set up and configured just how the documentation says to do so here: http://olivier.sessink.nl/jailkit/howtos_ssh_only.html
yet I am unable to log in as that user. The error I get is:
Code:

[root@localhost ~]# ssh john@localhost
john@localhost's password:
Last login: Fri Oct  6 10:18:40 2006 from localhost.localdomain
Could not chdir to home directory /home/chrootusers/./home/john: No such file or directory
Connection to localhost closed.
[root@localhost ~]#

the line in /etc/passwd is:
Code:

john:x:1002:100::/home/chrootusers/./home/john:/usr/sbin/jk_chrootsh

line from /etc/group is:
Code:

john:x:502:

line from /home/chrootusers/etc/passwd is:
Code:

john:x:1002:100::/home/john:/bin/bash

line from /home/chrootusers/etc/group is:
Code:

users:x:100:

permissions on /home is:
Code:

drwxr-xr-x 8 root  root  4096 Oct  6 10:22 chrootusers
drwxr-xr-x 3    501 john  4096 Oct  6 10:24 john

If anybody has any ideas or suggestions it would be greatly appreciated. All I'm really trying to accomplish here is to let somebody tunnel through the box. I really don't want them to do anything else on the box or view anything... just tunnel through it via ssh.

jeelliso 10-06-2006 01:47 PM

The line "/home/chrootusers/./home/john" will look for the directory "/home/chrootusers/home/john" and I'm not sure this is what you want it to do, or is it? If not, and this directory does not exist, that could be your problem.

~Justin

xilace 10-06-2006 02:01 PM

I'm not completely sure, to be honest. I'm just simply following the directions that I posted a link to.

jeelliso 10-06-2006 02:05 PM

This line should probably be changed to just "/home/john".

~Justin

xilace 10-06-2006 02:40 PM

If I change it from
Code:

john:x:1002:100::/home/chrootusers/./home/john:/usr/sbin/jk_chroots

to
Code:

john:x:1002:100::/home/john:/usr/sbin/jk_chrootsh

then it does this:
Code:

[root@localhost ~]# ssh john@localhost
john@localhost's password:
Last login: Fri Oct  6 11:00:10 2006 from localhost.localdomain
Connection to localhost closed.
[root@localhost ~]#


jeelliso 10-06-2006 03:36 PM

Try changing "/usr/sbin/jk_chroots" to "/bin/bash"

[edit]Sorry, this probably won't do what you're asking for. Changing it to "/bin/bash" will allow FULL ssh access, not just access to the ssh command. You need to change "usr/sbin/jk_chrootsh" to whatever command acts as a shell but only allows ssh access. Are you configuring a router or a firewall? Why do you just need ssh access through this user?

xilace 10-06-2006 04:50 PM

Well, as I was explaining... I just want this user to have ssh access and not be able to touch anything else. In the example with the link I sent, supposedly this is supposed to be able to do just that, but for some reason I can't get it to work.

Basically I have a friend that needs to do an ssh tunnel. Well, I don't wish for him to be able to do anything on my system, so I would prefer that he only be able to ssh and that's all. The only way I know how to do such a thing is setting up a jail.

xilace 10-07-2006 11:20 AM

*bump* still looking for a resolution on any type of "jailkit" that will work on FC5.
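
The checks the posts above circle around, as an added example that is not part of the thread and not jailkit code: it splits the host passwd entry at the `/./` marker and verifies that the home directory, the jail's own passwd entry and the shell named there exist under the jail root. The function name `check_jail_entry`, its path-prefix argument and the scratch tree built in `demo` are constructed for illustration.

```bash
# Added example, not jailkit code. check_jail_entry and its PREFIX argument
# (prepended to every path so the check can run on a scratch tree) are hypothetical.
check_jail_entry() (
    entry=$1; prefix=${2:-}; bad=0
    user=${entry%%:*}; shell=${entry##*:}
    rest=${entry%:*}; home=${rest##*:}
    case $shell in
        */jk_chrootsh) ;;
        *) echo "FAIL: login shell $shell is not jk_chrootsh"; bad=$((bad+1)) ;;
    esac
    case $home in
        */./*) jail=${home%%/./*}; inner=/${home#*/./} ;;
        *) echo "FAIL: home '$home' has no /./ marker separating jail from home"
           exit $((bad+1)) ;;
    esac
    if [ ! -d "$prefix$jail$inner" ]; then
        echo "FAIL: $jail$inner does not exist (the 'Could not chdir' case)"
        bad=$((bad+1))
    fi
    # The jail carries its own etc/passwd; the user's entry there names the real shell.
    jline=$(grep "^$user:" "$prefix$jail/etc/passwd" 2>/dev/null | head -n 1)
    if [ -z "$jline" ]; then
        echo "FAIL: no '$user' entry in $jail/etc/passwd"; bad=$((bad+1))
    else
        jshell=${jline##*:}; rest=${jline%:*}; jhome=${rest##*:}
        if [ "$jhome" != "$inner" ]; then
            echo "FAIL: jail passwd home '$jhome' differs from '$inner'"; bad=$((bad+1))
        fi
        if [ ! -x "$prefix$jail$jshell" ]; then
            echo "FAIL: shell $jshell is not executable inside the jail"; bad=$((bad+1))
        fi
    fi
    [ "$bad" -eq 0 ] && echo "OK: $user is jailed in $jail with home $inner"
    exit "$bad"
)

# Constructed demo: scratch jail with etc/passwd and a shell stub but no home directory.
demo() {
    t=$(mktemp -d); j=$t/home/chrootusers
    mkdir -p "$j/etc" "$j/bin"
    echo 'john:x:1002:100::/home/john:/bin/bash' > "$j/etc/passwd"
    : > "$j/bin/bash"; chmod +x "$j/bin/bash"
    check_jail_entry 'john:x:1002:100::/home/chrootusers/./home/john:/usr/sbin/jk_chrootsh' "$t"
    rc=$?; rm -rf "$t"; return "$rc"
}
demo || true
```

On a real system the prefix argument is omitted, so the paths are checked as written in /etc/passwd.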