Hi guys. I'm trying to configure SSH to Chroot my users. I'm following the instructions found here: http://www.howtoforge.com/chrooted_ssh_howto_debian. I'm using CentOS instead of Debian, but I think I've sufficiently adapted the instructions. The problem I'm having is toward the end. I followed all the instructions and as far as I can tell everything works fine, but when I attempt to ssh and log in as the test user I created - the one the guide walked me through setting up - it tells me that it can't find /bin/bash and kills the connection. I checked in /bin and bash is there (obviously). I also checked in the /home/chroot/bin and bash is there. I'm not sure what I missed, but I followed the instructions very carefully, using copy and paste whenever possible to prevent typos, and each time I get the same result. I've even tried various alternates in the user settings for the shell. I've tried /home/chroot/bin/bash; /home/chroot/./bin/bash; and so on... all with the same result. Here's a more detailed output: http://pastebin.com/m4f24eccc If anyone can help me figure this out, I would be very thankful! It's not super super urgent, since I have other things I need to focus on today, but I'd like to be able to finish this up on Monday if at all possible. Thanks for your help.
You know.... sometimes I just forget the obvious.... checking........ maybe it has something to do with pam. From /var/log/secure:
Feb 5 10:54:24 localhost sshd[29765]: Accepted password for testuser from 10.0.0.39 port 53582 ssh2
Feb 5 10:54:24 localhost sshd[29765]: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Feb 5 10:54:24 localhost sshd[29767]: pam_env(sshd:setcred): Unable to open config file: /etc/security/pam_env.conf: No such file or directory
Feb 5 10:54:24 localhost sshd[29765]: pam_unix(sshd:session): session closed for user testuser
Hi, check the /etc/security/pam_env.conf file. If it exists, then check the user rights. Maybe your user doesn't have the right to read the pam_env.conf file.
Rudolf Bodocsi
Did you run the little script they provided? What that does is copy the binaries / libraries needed to the new jailed environment. You said the bash binary was indeed in /home/chroot/bin? What happens if you change your login shell to something else, such as sh?
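A check for what the last reply describes, as an added example that is not part of the thread or of the HowtoForge script: it lists every file the login shell needs (the binary, its shared libraries and the ELF loader reported by ldd) that is absent under the jail root. The /home/chroot and /bin/bash values come from the thread; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find files a chrooted login shell needs that the jail lacks.
# Usage (paths from the thread): sh check_jail.sh /home/chroot /bin/bash
# Run ldd only on binaries you trust.

# Print every absolute path the binary depends on: the binary itself, each
# shared library, and the ELF loader (ld-linux*), as reported by ldd.
jail_deps() {
    bin=$1
    printf '%s\n' "$bin"
    ldd "$bin" 2>/dev/null |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' |
        sort -u
}

# Print each dependency that is missing under the jail root.
# Returns 1 if anything is missing, 0 if the jail is complete.
# A missing loader makes exec fail with "No such file or directory"
# even though the shell binary itself is present in the jail.
jail_missing() {
    jail=$1 bin=$2 rc=0
    for p in $(jail_deps "$bin"); do
        if [ ! -e "$jail$p" ]; then
            printf 'missing: %s\n' "$jail$p"
            rc=1
        fi
    done
    return $rc
}

# Run the check only when a jail root is given on the command line.
if [ "$#" -ge 1 ]; then
    jail_missing "$1" "${2:-/bin/bash}"
fi
```

Any path it reports has to be copied into the jail at the same relative location before the shell can start there.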