LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 10-06-2006, 01:41 PM   #1
xilace
LQ Newbie
 
Registered: Oct 2003
Posts: 27

Rep: Reputation: 15
jailkit closes ssh session


First of im using FC5 on a G4 mac. I downloaded the latest jailkit from http://olivier.sessink.nl/jailkit/index.html

I have got everything setup and configured just how the documentation says to do so here: http://olivier.sessink.nl/jailkit/howtos_ssh_only.html
yet i am unable to login as that user. the error i get is:
Code:
[root@localhost ~]# ssh john@localhost
john@localhost's password:
Last login: Fri Oct  6 10:18:40 2006 from localhost.localdomain
Could not chdir to home directory /home/chrootusers/./home/john: No such file or directory
Connection to localhost closed.
[root@localhost ~]#
the line in /etc/passwd is:
Code:
john:x:1002:100::/home/chrootusers/./home/john:/usr/sbin/jk_chrootsh
line from /etc/group is:
Code:
john:x:502:
line from /home/chrootusers/etc/passwd is:
Code:
john:x:1002:100::/home/johusers:x:100:
n:/bin/bash
line from /home/chrootusers/etc/group is:
Code:
users:x:100:
permissions on /home is:
Code:
drwxr-xr-x 8 root   root   4096 Oct  6 10:22 chrootusers
drwxr-xr-x 3    501 john   4096 Oct  6 10:24 john
If anybody has any ideas or suggestions it would be greatly apprieciated. All im really trying to accomplish here is to let somebody tunnel through the box. i really dont want them to do anything else on the box or view anything... just tunnel through it via ssh.
 
Old 10-06-2006, 01:47 PM   #2
jeelliso
Member
 
Registered: Oct 2005
Location: Knoxville, Tn (USA)
Distribution: OpenSUSE, Ubuntu
Posts: 250

Rep: Reputation: 30
The line "/home/chrootusers/./home/john" will look for the directory "/home/chrootusers/home/john" and I'm not sure this is what you want it to do, or is it. If not, and this directory does not exist, that could be your problem.

~Justin
 
Old 10-06-2006, 02:01 PM   #3
xilace
LQ Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
im not completely sure to be honest. I'm just simply following the direction's that i posted a link to.
 
Old 10-06-2006, 02:05 PM   #4
jeelliso
Member
 
Registered: Oct 2005
Location: Knoxville, Tn (USA)
Distribution: OpenSUSE, Ubuntu
Posts: 250

Rep: Reputation: 30
This line should probably be changed to just "/home/john".

~Justin
 
Old 10-06-2006, 02:40 PM   #5
xilace
LQ Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
if i change it from
Code:
john:x:1002:100::/home/chrootusers/./home/john:/usr/sbin/jk_chroots
to
Code:
john:x:1002:100::/home/john:/usr/sbin/jk_chrootsh
then i does this:
Code:
[root@localhost ~]# ssh john@localhost
john@localhost's password:
Last login: Fri Oct  6 11:00:10 2006 from localhost.localdomain
Connection to localhost closed.
[root@localhost ~]#
 
Old 10-06-2006, 03:36 PM   #6
jeelliso
Member
 
Registered: Oct 2005
Location: Knoxville, Tn (USA)
Distribution: OpenSUSE, Ubuntu
Posts: 250

Rep: Reputation: 30
try changing "/usr/sbin/jk_chroots" to "/bin/bash"

[edit]Sorry, this probably won't do what you're asking for. Chaning it to "/bin/bash" will allow FULL ssh access, not just access to the ssh command. You need to change "usr/sbin/jk_chrootsh" to whatever command acts as a shell but only allows ssh access. Are you configuring a router or a firewall? Why do you just need ssh access through this user?

Last edited by jeelliso; 10-06-2006 at 03:42 PM.
 
Old 10-06-2006, 04:50 PM   #7
xilace
LQ Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
well as i was explaining... i just want this user to have ssh access and not be able to touch anything else. In the example with the link i sent supposedly this is supposed to be able to do just that. but for some reason i cant get it to work.

basically i have a friend that needs to do a ssh tunnel. well i dont wish for him to be able to do anything on my system, so i would prefer that he only be able to ssh and thats all. the only way i know how to do such a thing is setting up a jail.
 
Old 10-07-2006, 11:20 AM   #8
xilace
LQ Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
*bump* still looking for a resolution on any type of "jailkit" that will work on FC5.
 
  


Reply

Tags
jailkit


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh -> perl -> spawn background proces hangs ssh session rhoekstra Programming 2 04-25-2006 01:05 AM
Jailkit Problems OneEye Linux - Software 3 03-31-2006 01:44 AM
How to run a program in an ssh session that will run after you close out the session? dr_zayus69 Linux - Networking 5 03-05-2006 07:15 PM
jailkit issues mithereal Linux - Software 3 01-22-2006 05:06 AM
SSH closes connection before login goose240 Linux - Networking 4 02-14-2005 04:14 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration