sftp chroot not working

Linux Kernel, Network, and Services configuration.
elektrohirn
Posts: 3
Joined: 2005-03-06 02:31
Location: Cologne, Germany

sftp chroot not working

#1 Post by elektrohirn »

Hi,

I'm trying to set up a chroot for sftp. I found a guide that explains how to do it, and it actually looks pretty simple:

http://gentoo-wiki.com/HOWTO_SFTP_Serve ... out_shell)

The paths are a little different on my Debian system and I changed them accordingly, but I did everything like it is explained there. But when I try to log into my Debian box using sftp or also WinSCP, I only get

Connection to <myserver.de> closed.

??? When copying all the files over into my chroot (within /home) I got the following from ldd:

# ldd /usr/bin/scp
libresolv.so.2 => /lib/libresolv.so.2 (0x4001d000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x4002f000)
libutil.so.1 => /lib/libutil.so.1 (0x4012e000)
libz.so.1 => /usr/lib/libz.so.1 (0x40131000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40144000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40159000)
libc.so.6 => /lib/libc.so.6 (0x40186000)
libdl.so.2 => /lib/libdl.so.2 (0x402b9000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/bin/rssh
libc.so.6 => /lib/libc.so.6 (0x4001d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/lib/rssh/rssh_chroot_helper
libc.so.6 => /lib/libc.so.6 (0x4001d000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

# ldd /usr/lib/sftp-server
libresolv.so.2 => /lib/libresolv.so.2 (0x4001d000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x4002f000)
libutil.so.1 => /lib/libutil.so.1 (0x4012e000)
libz.so.1 => /usr/lib/libz.so.1 (0x40131000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40144000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40159000)
libc.so.6 => /lib/libc.so.6 (0x40186000)
libdl.so.2 => /lib/libdl.so.2 (0x402b9000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

I copied all those files into the appropriate directories under /home. The only file I'm not sure about is the last one, /lib/ld-linux.so.2. It's the only file that has a directory name in front of it, why is that? I copied it from /lib/ld-linux.so.2 to /home/lib/ld-linux.so.2. Is that correct?

Any help would be greatly appreciated!

Btw: SSH itself works fine for my other account using /bin/bash or /usr/bin/scponly as shell.

Tom
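
A check for the copy step described in post #1, as an added example that is not part of the original posts: it extracts every file path from an ldd listing (including the loader line whose left-hand side is already an absolute path) and reports which ones are absent from the chroot tree. The function names ldd_paths, missing_in_chroot and sample_ldd are hypothetical, and the chroot is assumed to mirror host paths under its root.

```sh
#!/bin/sh
# Added example (not from the thread). Assumes the chroot mirrors host paths,
# e.g. /lib/libc.so.6 -> $CHROOT/lib/libc.so.6, with CHROOT=/home as in the post.

# ldd_paths: read ldd output on stdin, print each absolute host path once.
#   libc.so.6 => /lib/libc.so.6 (0x...)               -> /lib/libc.so.6
#   /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x...)  -> /lib/ld-linux.so.2
#   /lib/ld-linux.so.2 (0x...)                        -> /lib/ld-linux.so.2
# Entries without a file path ("linux-gate.so.1 => (0x...)", "not found")
# are skipped.
ldd_paths() {
    awk '
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        $1 ~ /^\//               { print $1 }
    ' | sort -u
}

# missing_in_chroot CHROOT: read ldd output on stdin and print every required
# path that is not a regular file under CHROOT.
missing_in_chroot() {
    chroot_dir=$1
    ldd_paths | while IFS= read -r p; do
        [ -f "$chroot_dir$p" ] || printf '%s\n' "$p"
    done
}

# Constructed sample: the ldd listing for /usr/lib/sftp-server quoted in post #1.
sample_ldd() {
    cat <<'EOF'
libresolv.so.2 => /lib/libresolv.so.2 (0x4001d000)
libcrypto.so.0.9.7 => /usr/lib/i686/cmov/libcrypto.so.0.9.7 (0x4002f000)
libutil.so.1 => /lib/libutil.so.1 (0x4012e000)
libz.so.1 => /usr/lib/libz.so.1 (0x40131000)
libnsl.so.1 => /lib/libnsl.so.1 (0x40144000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40159000)
libc.so.6 => /lib/libc.so.6 (0x40186000)
libdl.so.2 => /lib/libdl.so.2 (0x402b9000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
EOF
}

# Demo: print the nine paths the sample listing requires.
sample_ldd | ldd_paths
```

On a live system the same functions take real input, for instance `ldd /usr/lib/sftp-server | missing_in_chroot /home`.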

elektrohirn
Posts: 3
Joined: 2005-03-06 02:31
Location: Cologne, Germany

scponly also not working

#2 Post by elektrohirn »

I just found out that scponly also supports chrooting. There's a script in /usr/share/doc/scponly that auto-creates a chroot for you, I executed this script and it ran without errors (except for one stating that cvs could not be found, but that's okay since I'm not using cvs and this is only needed if you want cvs support). BUT, when I try to sftp into my box with the newly created user, it still doesn't work. Again, when I do sftp as a different user that has /bin/bash as shell it works fine. What the hell am I doing wrong here?

Does someone have scponly chrooted working? Could you tell me how you did it??

Tom
