I have followed the instructions here, http://www.howtoforge.com/restricting-users-to-sftp-plus-setting-up-chrooted-ssh-sftp-debian-squeeze (and many many others) but can't seem to get this working. As soon as I add Code: Match User sshuser ChrootDirectory /chrootdir X11Forwarding no AllowTcpForwarding no I get the errors below when I try to SSH in. I am running Centos 6. make_chroot_jail says I am missing a couple of libraries, but from what I have read they are 32bit, I am running 64. I just can't find anything useful on these errors. Code: sshd[22]: Accepted password for sshuser from 123.456.789.012 port 1234 ssh2 sshd[22]: pam_unix(sshd:session): session opened for user sshuser by (uid=0) sshd[22]: User child is on pid 27 sshd[27]: Changed root directory to "/chrootdir" sshd[27]: error: mm_receive_fd: no message header sshd[27]: fatal: mm_pty_allocate: receive fds failed sshd[27]: error: buffer_get_ret: trying to get more bytes 1 than in buffer 0 sshd[27]: error: buffer_get_char_ret: buffer_get_ret failed sshd[27]: fatal: buffer_get_char: buffer error sshd[22]: fatal: mm_request_receive: read: Connection reset by peer sshd[22]: pam_unix(sshd:session): session closed for user sshuser Any ideas out there?
What's your OpenSSH version? AFAIR you need a version newer than 4.8. Is this a physical server or a virtual machine? If it's a virtual machine, you might have to increase RAM a bit. Another guess: is SELinux active?
SE Linux Looks like SE Linux is the culprit, thanks. For some reason though, I get Code: su: user root does not exist when I try to su to the root account. Root is there in the passwd and shadow file, so it should work. I am also having a lot of hassles getting SELinux to let me through, I am not turning SELinux off, sshd access must be configurable somehow. I will post back here if I figure it out.
