I created a user called david attached to the group users. When I try to log in via PuTTY I get disconnected instantly right after putting in the password. Why is it rejecting me? The PuTTY window just goes away, no message.

User from /etc/passwd
Code:
david:x:1002:100:david:/home/chroot/./home/david:/bin/bash

Group file
Code:
users:x:100:

Code:
root@atlbricks:/home/chroot# ls
bin dev etc home lib usr
root@atlbricks:/home/chroot#

1) Did you create the chroot environment for the user david with the chroot environment creation script provided in the howto?
2) Please post the output of: ls -la /home/chroot/home/david

I copied and pasted the APPS text into the terminal and hit return with the sudo command in front but the one script seems to be missing http://www.howtoforge.com/chrooted_ssh_howto_debian_p2

Code:
systemadmin@atlbricks:~$ ls -la /home/chroot/home/david
total 20
drwxr-xr-x 2 david users 4096 Apr 1 00:41 .
drwxr-xr-x 3 root root 4096 Apr 1 00:41 ..
-rw-r--r-- 1 david users 220 Apr 1 00:41 .bash_logout
-rw-r--r-- 1 david users 414 Apr 1 00:41 .bash_profile
-rw-r--r-- 1 david users 2227 Apr 1 00:41 .bashrc
systemadmin@atlbricks:~$

OK, I made a file with that script and ran it, this is what I get

Code:
root@atlbricks:/home/chroot# ls
bin dev etc home lib script.sh usr
root@atlbricks:/home/chroot# sh script.sh
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
root@atlbricks:/home/chroot#

This is nothing to worry about. Do the passwd, shadow, and group files exist in the chroot jail? Any errors in your auth.log?
Ok I am an idiot, I should have followed your instructions completely and I did not. Anyways I started over and now everything is working great. Thanks for all your help. BTW I cannot say this enough, you and your friend have done a great job at creating a wonderful site and your support and time is superb. I tell everyone about it!
Another Idiot

Hi, Well I must be an idiot too because I followed the howto to the letter and I get the same error where putty just exits after password entry. Maybe you can help me out by writing exactly what you did to correct the problem.

user testuser
ls -al on the different directories

root@srv-02:/home/chroot# ls -la home/testuser/
total 20
drwxr-xr-x 2 testuser users 4096 2008-04-06 16:56 .
drwxr-xr-x 3 root root 4096 2008-04-06 16:56 ..
-rw-r--r-- 1 testuser users 220 2008-04-06 16:56 .bash_logout
-rw-r--r-- 1 testuser users 414 2008-04-06 16:56 .bash_profile
-rw-r--r-- 1 testuser users 2227 2008-04-06 16:56 .bashrc
root@srv-02:/home/chroot#
root@srv-02:/home/chroot# ls -la etc
total 20
drwxr-xr-x 2 root root 4096 2008-04-06 17:20 .
drwxr-xr-x 8 root root 4096 2008-04-06 17:09 ..
-rw-r--r-- 1 root root 13 2008-04-06 17:13 group
-rw-r--r-- 1 root root 101 2008-04-06 16:56 passwd
-rw-r----- 1 root root 1548 2008-04-06 17:20 shadow
root@srv-02:/home/chroot#

I had to copy the shadow file there myself

The auth log info --

root@srv-02:/home/chroot# tail -f /var/log/auth.log
Apr 6 17:09:01 srv-02 CRON[27462]: (pam_unix) session opened for user root by (uid=0)
Apr 6 17:09:01 srv-02 CRON[27462]: (pam_unix) session closed for user root
Apr 6 17:09:30 srv-02 sshd[27721]: Accepted password for testuser from 66.xx.xx.xxx port 2228 ssh2
Apr 6 17:14:53 srv-02 sshd[27242]: Received signal 15; terminating.
Apr 6 17:14:53 srv-02 sshd[27834]: Server listening on :: port 22.
Apr 6 17:14:53 srv-02 sshd[27834]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Apr 6 17:15:06 srv-02 sshd[27839]: Accepted password for testuser from 66.xx.xx.xxx port 2297 ssh2
Apr 6 17:17:01 srv-02 CRON[27867]: (pam_unix) session opened for user root by (uid=0)
Apr 6 17:17:01 srv-02 CRON[27867]: (pam_unix) session closed for user root
Apr 6 17:20:51 srv-02 sshd[27916]: Accepted password for testuser from 66.xx.xx.xxx port 2574 ssh2

etc/passwd file
root:x:0:0:root:/root:/bin/bash
testuser:x:20001:100:testuser:/home/chroot/./home/testuser:/bin/bash
etc/passwd (END)

etc/group file
users:x:100:
etc/group (END)

Any help would be appreciated. TIA

Let's just start over again since there is nothing to lose. Follow the instructions on this page then come back to this post and run the commands. http://www.howtoforge.com/chrooted_ssh_howto_debian

Copy each line individually
Code:
mkdir /home/chroot/
cd /home/chroot
mkdir etc
mkdir bin
mkdir lib
mkdir usr
mkdir usr/bin
mkdir dev
mknod dev/null c 1 3
mknod dev/zero c 1 5

Code:
cd
sudo nano create_chroot_env

Now copy and paste
Code:
APPS="/bin/bash /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh /bin/ping /usr/bin/dircolors"
for prog in $APPS; do
        cp $prog ./$prog

        # obtain a list of related libraries
        ldd $prog > /dev/null
        if [ "$?" = 0 ] ; then
                LIBS=`ldd $prog | awk '{ print $3 }'`
                for l in $LIBS; do
                        mkdir -p ./`dirname $l` > /dev/null 2>&1
                        cp $l ./$l
                done
        fi
done

Then hold down control and tap O to save the file
Code:
sudo ./create_chroot_env
or
sudo sh create_chroot_env

Copy and paste each line.
Code:
cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/
echo '#!/bin/bash' > usr/bin/groups
echo "id -Gn" >> usr/bin/groups
touch etc/passwd
grep /etc/passwd -e "^root" > etc/passwd
grep /etc/group -e "^root" -e "^users" > etc/group
/etc/init.d/ssh restart

Note you can change the testuser to any user name you like
Code:
useradd -s /bin/bash -m -d /home/chroot/./home/testuser -c "testuser" -g users testuser

Give the new user a password
Code:
passwd testuser

Copy the password
Code:
grep /etc/passwd -e "^testuser" >> /home/chroot/etc/passwd

Code:
grep /etc/group -e "^othergroup" >> /home/chroot/etc/group

Let me know if it works now, I had to start the howto over before it worked for me.

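The `cp: cannot stat '(0xffffe000)'` messages earlier in the thread come from taking the third field of every `ldd` line, including the virtual `linux-gate.so.1` entry that has no file behind it. As an added example, not part of any post in this thread or of the howto, the following shell script keeps only real library paths and lists what a jail such as /home/chroot is missing for a given program; the function names and the sample `ldd` output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find files a chroot jail lacks.

# Constructed sample of `ldd /bin/bash` output on a 32-bit system.
SAMPLE_LDD='    linux-gate.so.1 =>  (0xffffe000)
    libncurses.so.5 => /lib/libncurses.so.5 (0xb7f2a000)
    libdl.so.2 => /lib/libdl.so.2 (0xb7f26000)
    libc.so.6 => /lib/libc.so.6 (0xb7dd7000)
    /lib/ld-linux.so.2 (0xb7f7d000)'

# Print only real file paths from ldd output read on stdin.
#   name => /path (addr)  -> field 3
#   /path (addr)          -> field 1 (the dynamic loader)
#   name =>  (addr)       -> virtual object, skipped
ldd_paths() {
    awk '$2 == "=>" && $3 ~ /^\// { print $3; next }
         $1 ~ /^\//               { print $1 }'
}

# Read absolute paths on stdin; print those that do not exist under jail $1.
missing_in_jail() {
    while IFS= read -r path; do
        [ -e "$1$path" ] || printf '%s\n' "$path"
    done
}

# Report the binary and every library that jail $1 lacks for program $2.
check_prog() {
    { printf '%s\n' "$2"; ldd "$2" 2>/dev/null | ldd_paths; } |
        missing_in_jail "$1"
}

# Usage: sh check_jail.sh /home/chroot /bin/bash /bin/ls ...
if [ "$#" -ge 2 ]; then
    jail=$1; shift
    for prog in "$@"; do check_prog "$jail" "$prog"; done
fi
```

An empty result for the user's login shell means the binary and all of its libraries are present in the jail, so a session that still closes after the password prompt has to be traced elsewhere.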
Errors

Hi, I am trying to set up ssh chroot on Ubuntu server 8.04 Hardy and I followed all the steps in the howto, but when I tried to ssh in as the user testuser the terminal just closed after entering the password. I have checked the log file auth.log and it shows that the user testuser logged in successfully. So I restarted from the beginning as you say, and when I came to this part

root@oracle:~# sudo sh create_chroot_env
cp: cannot create regular file `.//bin/bash': No such file or directory
cp: cannot create regular file `.//bin/ls': No such file or directory
cp: cannot create regular file `.//bin/mkdir': No such file or directory
cp: cannot create regular file `.//bin/mv': No such file or directory
cp: cannot create regular file `.//bin/pwd': No such file or directory
cp: cannot create regular file `.//bin/rm': No such file or directory
cp: cannot create regular file `.//usr/bin/id': No such file or directory
cp: cannot create regular file `.//usr/bin/ssh': No such file or directory
cp: cannot create regular file `.//bin/cp': No such file or directory
cp: cannot create regular file `.//bin/getegg': No such file or directory
cp: cannot create regular file `.//bin/getpsy': No such file or directory
cp: cannot create regular file `.//bin/ping': No such file or directory
cp: cannot create regular file `.//usr/bin/dircolors': No such file or directory

I really don't get what I should do after that. Please help me because I am setting up a server for public. Regards

chroot

Hi again, I have fixed the errors above but it is back to the first result: the terminal closes when you type the testuser password. When it comes to the make install part there is a msg "PAM installed but seems that you need to install pam control panel". Could that be the problem?