Hi, I am dealing with some login issues to open a SFTP session through Jailkit. Jailkit was installed during ISPC install (I mean before). When a site's shell user is created, the ISPC log shows debugging information but no errors. However, when the user tries to login, it's sucessfully authenticated bu an error appears on auth.log: Code: Aug 14 14:09:04 gd-web-linux-001 sshd[13292]: Accepted password for gdigital_sandbox from 201.191.123.42 port 34384 ssh2 Aug 14 14:09:04 gd-web-linux-001 sshd[13292]: pam_unix(sshd:session): session opened for user gdigital_sandbox by (uid=0) Aug 14 14:09:05 gd-web-linux-001 sshd[13424]: subsystem request for sftp by user gdigital_sandbox Aug 14 14:09:05 gd-web-linux-001 jk_chrootsh[13425]: now entering jail /var/www/clients/client2/web1 for user gdigital_sandbox (5004) with arguments -c /usr/lib/openssh/sftp-server Aug 14 14:09:05 gd-web-linux-001 jk_chrootsh[13425]: ERROR: failed to execute shell /bin/bash for user gdigital_sandbox (5004), check the permissions and libraries of /var/www/clients/client2/web1//bin/bash Aug 14 14:09:05 gd-web-linux-001 sshd[13292]: pam_unix(sshd:session): session closed for user gdigital_sandbox Clearly, the error says this shell /var/www/clients/client2/web1//bin/bash doesn't exists, and it's true. Should this shell exist? What would be the expected shell in /etc/passwd for the recently created shell user? How can I fix it by hand for testing purposes, and how can I do by default since now? This is the log of ISPC when creating this shell user, I see no error on it, right? Code: 14.08.2012-20:07 - DEBUG - Found 1 changes, starting update process. 14.08.2012-20:07 - DEBUG - Calling function 'insert' from plugin 'shelluser_base_plugin' raised by event 'shell_user_insert'. 14.08.2012-20:07 - DEBUG - Executed command: useradd -d /var/www/clients/client2/web1 -g client2 -o -p \$1\$G7BRc1eu\$vgz0iRZkUPb7zffb 3/AxO0 -s /bin/bash -u 5004 gdigital_sandbox 14.08.2012-20:07 - DEBUG - Added shelluser: gdigital_sandbox 14.08.2012-20:07 - DEBUG - ssh-rsa setup shelluser_base 14.08.2012-20:07 - DEBUG - ssh-rsa keypair generated for gdigital 14.08.2012-20:07 - DEBUG - ssh-rsa authorisation keyfile created in /var/www/clients/client2/web1/.ssh/authorized_keys 14.08.2012-20:07 - DEBUG - ssh-rsa key updated in /var/www/clients/client2/web1/.ssh/authorized_keys 14.08.2012-20:07 - DEBUG - Disabling shelluser temporarily: usermod -s /bin/false -L gdigital_sandbox 14.08.2012-20:07 - DEBUG - Calling function 'insert' from plugin 'shelluser_jailkit_plugin' raised by event 'shell_user_insert'. 14.08.2012-20:07 - DEBUG - exec: chmod 755 /var/www/clients/client2/web1 14.08.2012-20:07 - DEBUG - exec: chown root:root /var/www/clients/client2/web1 14.08.2012-20:07 - DEBUG - Added jailkit chroot with command: /usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh /var/www/clients/client2/web1 'basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh' 14.08.2012-20:07 - DEBUG - Added programs to jailkit chroot with command: /usr/local/ispconfig/server/scripts/create_jailkit_programs.sh /var/www/clients/client2/web1 '/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico' 14.08.2012-20:07 - DEBUG - Added bashrc scrpt : /var/www/clients/client2/web1/etc/bash.bashrc 14.08.2012-20:07 - DEBUG - Added jailkit user to chroot with command: /usr/local/ispconfig/server/scripts/create_jailkit_user.sh gdigital_sandbox /var/www/clients/client2/web1 /home/gdigital_sandbox /bin/bash web1 /home/web1 14.08.2012-20:07 - DEBUG - Added created jailkit user home in : /var/www/clients/client2/web1/home/gdigital_sandbox 14.08.2012-20:07 - DEBUG - Added jailkit parent user home in : /var/www/clients/client2/web1/home/web1 14.08.2012-20:07 - DEBUG - ssh-rsa setup shelluser_jailkit 14.08.2012-20:07 - DEBUG - ssh-rsa authorisation keyfile created in /var/www/clients/client2/web1//home/gdigital_sandbox/.ssh/authorized_keys 14.08.2012-20:07 - DEBUG - ssh-rsa key updated in /var/www/clients/client2/web1//home/gdigital_sandbox/.ssh/authorized_keys 14.08.2012-20:07 - DEBUG - exec: chmod 755 /var/www/clients/client2/web1 14.08.2012-20:07 - DEBUG - exec: chown root:root /var/www/clients/client2/web1 14.08.2012-20:07 - DEBUG - Jailkit Plugin -> insert username:gdigital_sandbox 14.08.2012-20:07 - DEBUG - Processed datalog_id 55 I already tried with another user, and the same problem appears. The user is able to log in, but due to inexistence of that shell, it stops. At this point, I have no idea what else I can do. Any help will be appreciated.
run: jk_cp -j /var/www/clients/client2/web1 /bin/bash to test it. See here for details: http://olivier.sessink.nl/jailkit/jk_cp.8.html you can configure the applications that get copied to the jail in the jailkit settings in ispconfig. Btw, I wont use sftp as it requires you to create a shell user. If you want to get secure file transfers, use ftps which is ftp over ssl, this is as secure as sftp but does not require a separate shell user and jail and works out of the box with a ftp user account.