chroot and SSH

[bpark]

Does anyone have experience with chroot and SSH? I've managed to set mine up but it keeps denying me saying that my passwd is wrong.

[jasonlambert]

Do you have the username/password your trying to login with in your CHROOTED copy of /etc/passwd & /etc/shadow files?

[bpark]

Yes, I've restarted the server as well.

Does the group and gshadow file need to be existent as well? The only thing that came by default was the passwd and shadow wit the sshd user in both those files.

[jasonlambert]

do you have your chrooted server on a different port? if so, are you connecting to that port when you try to ssh in?

Anything with tcpwrappers? eg, have you been locked out by an entry in /etc/hosts.deny?

Jason

[bpark]

As far as I can see, it's still on 22.

No TCP wrappers as far as I'm concerned. I was able to connect to a regular SSH server that I tried a few minutes ago. It's just this chrooted environment that keeps denying me.

I've copied one of the users entry from /etc/passwd and /etc/shadow to the chrooted environment files and restarted.

It looos like in both files /etc/passwd and the chrooted passwd file

Code:

joeuser:x:1099:1099:Joe Random User:/home/joe/./:/bin/bash

[jasonlambert]

the chrooted version of /bin/bash exists?

[bpark]

Yes, it does with most other stuff.

[bpark]

I sovled the problem about the login issue. I need to copy the modular PAM files over since my the PAM modules are scattered.

I have a new problem though, whenever I try to start sftp, I get this error:

Code:

Request for subsystem 'sftp' failed on channel 0

Any ideas on what this means?

[bpark]

With the help of a Linux guru that I met at this forum, the problem was resolved once again. It appears that the subsystem sftp-server was never copied into the chrooted environment so it wasn't able to launch sftp.