sftp chroot not working

Kernels & Hardware, configuring network, installing services

sftp chroot not working

Postby elektrohirn » 2005-04-16 23:50

Hi,

I'm trying to set up an chroot for sftp. I found a guide that explains how to do it, and it actually looks pretty simple:

http://gentoo-wiki.com/HOWTO_SFTP_Serve ... hout_shell)

The paths are a little different on my Debian system and I changed them accordingly, but I did everthing like it is explained there. But when I try to log into my Debian box using sftp or also WinSCP, I only get

Connection to <myserver.de> closed.

??? When copying all the files over into my chroot (within /home) I got the following from ldd:

# ldd /usr/bin/scp
libresolv.so.2 => /lib/libresolv.so.2 (0x4001d000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x4002f000)
libutil.so.1 => /lib/libutil.so.1 (0x4012e000)
libz.so.1 => /usr/lib/libz.so.1 (0x40131000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40144000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40159000)
libc.so.6 => /lib/libc.so.6 (0x40186000)
libdl.so.2 => /lib/libdl.so.2 (0x402b9000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/bin/rssh
libc.so.6 => /lib/libc.so.6 (0x4001d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/lib/rssh/rssh_chroot_helper
libc.so.6 => /lib/libc.so.6 (0x4001d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/lib/sftp-server
libresolv.so.2 => /lib/libresolv.so.2 (0x4001d000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x4002f000)
libutil.so.1 => /lib/libutil.so.1 (0x4012e000)
libz.so.1 => /usr/lib/libz.so.1 (0x40131000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40144000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40159000)
libc.so.6 => /lib/libc.so.6 (0x40186000)
libdl.so.2 => /lib/libdl.so.2 (0x402b9000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

I copied all those files into the appropiate directories under /home. The only file I'm not sure about is the last one, /lib/ld-linux.so.2. It's the only file that has a directory name in front of it, why is that? I copied it from /lib/ld-linux.so.2 to /home/lib/ld-linux.so.2. Is that correct?

Any help would be greatly appreciated!

Btw: SSH itself works fine for my other account using /bin/bash or /usr/bin/scponly as shell.

Tom
User avatar
elektrohirn
 
Posts: 3
Joined: 2005-03-06 02:31
Location: Cologne, Germany

scponly also not working

Postby elektrohirn » 2005-04-17 01:03

I just found out that scponly also supports chrooting. There's a script in /usr/share/doc/scponly that auto-creates a chroot for you, I executed this script and it ran without errors (except for one stating that cvs could not be found, but thats okay since I'm not using cvs and this is only needed if you want cvs support). BUT, when I try to sftp into my box with the newly created user, it still doesn't work. Again, when I do sftp as a different user that has /bin/bash as shell it works fine. What the hell am I doing wrong here?

Has someone scponly chrooted working? Could you tell me how you did it??

Tom
User avatar
elektrohirn
 
Posts: 3
Joined: 2005-03-06 02:31
Location: Cologne, Germany


Return to System configuration

Who is online

Users browsing this forum: No registered users and 8 guests

fashionable