[ale] chrooting a ssh login...

Christopher Fowler cfowler at outpostsentinel.com
Thu May 8 09:01:28 EDT 2003


If I remember correctly, you shoudl place an option in
/etc/passwd that will tell ssh to do a chroot.
You need to verify that you are making copies of the libraries to
(chroot)/lib.  If you are missingone, it may be causing the chroot
not to execute.  

Another thing, is that root has to do the chroot.  So telling ssh to
do it is the only way I can think of.  Placing a chroot command in 
~/.profile will not work



 
On Thu, May 08, 2003 at 08:47:19AM -0400, John Wells wrote:
> I'm trying to chroot a few ssh users on a RH 7.3 box to a directory called
> /home/chroot.
> 
> I've copied various files over (/bin/bash and the libs needed, etc.). 
> I've edited /etc/security/chroot.conf and added a line for each user like:
> 
> testuser /home/chroot
> 
> I've edited /etc/pam.d/sshd and added:
> 
> session    required     /lib/security/pam_chroot.so
> 
> I even added it to /etc/pam.d/login, so I could test it with su.
> 
> However, it's not working (even through login).  It simply acts as if
> chroot is never called, dumping the users to their default home
> directories.  I'm assuming I've missed something along the way.
> 
> Could anyone point it out?
> 
> Thanks!
> John
> 
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale





More information about the Ale mailing list