- 01-19-2006 #1Linux Newbie
- Join Date
- Jul 2004
- Posts
- 143
ssh chroot jail problem
Hi everybody,
I am trying to set up a chroot for ssh.
I entered the following entry in the /etc/pam.d/sshd file
session required pam_chroot.so onerr=fail
and I entered the entry for user1 in the /etc/security/chroot.conf file
user1 /home/user1
And I made the modifications to the /etc/ssh/sshd_config file
UsePrivilegeSeparation no
After that, while logging in to the ssh server with the user1 account, I am getting the following errors.
#ssh localhost -l user1
Connection to 192.168.30.10 closed by remote host.
Connection to 192.168.30.10 closed.
My /var/log/secure entries for this event are :
Jan 19 16:14:14 ndserver sshd[15669]: Accepted password for user1 from 192.168.30.10 port 1195 ssh2
Jan 19 16:14:14 ndserver pam_chroot[15669]: /home/user1 is writable by non-root
Jan 19 16:14:14 ndserver sshd[15669]: fatal: PAM session setup failed[14]: Cannot make/remove an entry for the specified session
Please help me.
thanks & regards,
yogendra.
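An added example, not part of the original posts: the pam_chroot line in the log above rejects /home/user1 as "writable by non-root". The script below checks every directory listed in a chroot.conf-style file for that condition. It assumes the rule is "owned by uid 0 and no group/other write bit"; the function names and the optional uid argument are made up for this example, and it relies on GNU `stat -c`.

```shell
# Added example. Assumed rule: a chroot target must be owned by uid 0
# and must not have the group or other write bit set.

# Succeeds when octal mode $1 (e.g. 755) has no group/other write bit.
mode_is_safe() {
    [ $(( 0$1 & 022 )) -eq 0 ]
}

# Prints each problem found with directory $1; returns 0 when there are none.
# $2 = uid expected to own the directory (default 0, i.e. root).
check_chroot_dir() {
    ccd_rc=0
    if [ ! -d "$1" ]; then
        echo "$1: not a directory"
        return 2
    fi
    ccd_uid=$(stat -c '%u' "$1")
    ccd_mode=$(stat -c '%a' "$1")
    if [ "$ccd_uid" != "${2:-0}" ]; then
        echo "$1: owned by uid $ccd_uid, expected ${2:-0}"
        ccd_rc=1
    fi
    if ! mode_is_safe "$ccd_mode"; then
        echo "$1: mode $ccd_mode is writable by group or other"
        ccd_rc=1
    fi
    return $ccd_rc
}

# Checks the directory of every "user directory" line in the chroot.conf-style
# file $1, skipping blank lines and # comments.
# Returns the number of entries that failed the check.
audit_chroot_conf() {
    acc_bad=0
    while read -r acc_user acc_dir acc_rest; do
        case $acc_user in ''|'#'*) continue ;; esac
        check_chroot_dir "$acc_dir" "${2:-0}" || acc_bad=$((acc_bad + 1))
    done < "$1"
    return $acc_bad
}

# Typical call, run as root: audit_chroot_conf /etc/security/chroot.conf
```
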
- 01-19-2006 #2Linux Enthusiast
- Join Date
- Apr 2004
- Location
- UK
- Posts
- 678
Chroot can be tricky, particularly with ssh. A quick google turned up chroot-ssh, a set of patches that allow ssh to be chrooted (http://www.brandonhutchinson.com/chroot_ssh.html). Have you had a look at these?
Also, have you copied suitable programs into /home/user1, like bash and cp and so on? Once ssh has been chrooted it can't see the apps installed on the rest of the system, which means it can't run bash or similar once you have logged in.
Let us know how you get on,
Chris...
To be good, you must first be bad. "Newbie" is a rank, not a slight.
- 04-20-2006 #3Just Joined!
- Join Date
- Apr 2006
- Location
- Grants Pass OR
- Posts
- 2
OK trying to do wrong thing, sorry but still a problem
OK, vsftpd was working fine. My real problem is I want to restrict user access to our system with sftp and scp to their home directory. My bad, sorry. Can you assist me in how to do this?
thanks, Al


