HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   chrooted SSH + Debian Etch (http://www.howtoforge.com/forums/showthread.php?t=14661)

LeoLinux 12th August 2007 13:34

chrooted SSH + Debian Etch
 
Hi,

has any body an idea how to chroot SSH in Debian Etch 4.0?
I know this howto here: http://howtoforge.com/chrooted_ssh_howto_debian
but it's sadly only for Debian Sarge ... and the Scripts won't work for Etch ;-/



Thanks


Leander

thanis 12th August 2007 14:18

Hi, were you able to install all necessary packages with apt-get (newer ssl is openssl-0.9.8 I believe). And if so, did you get any error output when running the script ?

Except for Falko's "incredimail" script, all the rest are basic linux/shell commands.

Kind regards,
Thanis

LeoLinux 13th August 2007 12:18

????? Waht are you talking about ??? Do you mean if I got openssl-0.9.8 ready for a jailed user?

I am even not able to jail anybody, beause the script of Falko is only for Sarge users.


But, I fund something ....

http://howtoforge.com/forums/attachm...2&d=1175003548

BUT I don't realy understand how to use it .... I don't know if I still have to install software how Falkos howto describes that ... like 1 Install The Newest Zlib Version, or 2 Install The Chrooted SSH and so on ...

It would be helpful if somebody can give me some ideas how to go on.

Thank you very much!


Leander

:-)

falko 13th August 2007 19:11

I haven't tried this on Etch, but I'll try to write a tutorial about it. :)

thanis 16th August 2007 20:31

The tutorial is fine actually, it only needs a VERY small bit of tweaking for it to work on Debian Etch:

1.Don't do the zlib install !
2.
Code:

apt-get install libpam0g-dev openssl libcrypto++-dev libssl0.9.8 libssl-dev ssh zlib1g zlib1g-dev zlibc build-essential
3. then just follow the tutorial (the script is not actually important). But what falko forgot to mention, is that you need to copy the "script" contents to a file (e.g.: /home/chroot/chroot.sh) and then run that script:
Code:

chmod +x /home/chroot/chroot.sh
/home/chroot/chroot.sh

Then follow the rest of the tutorial.

Like I said, its just a question of updating your apt packages to etch level !

GRtz,
Thanis

LeoLinux 17th August 2007 02:19

Hi,

thank you for your helpful response - but I seem to stupid for it ;-)

just step for step:


1. Don't install the zlib

2. Install The Chrooted SSH ? What about that? Should I do this step?

3. Create The Chroot Environment ? What about that? Should I do this step exactly how it's described in the Howto?

What about the part with the script? Should I skip executing his script?

What about the steps written under the script part ... like
Quote:

cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/
Should I go one from there until step 4 ?


And _what_ script are you talking about ... the script I linked up in this thread or the one from Falko's howto?

Sorry for those stupid questions .. - I just want to make sure before I kill my installation again ;-)


Regards,

Leander

thanis 17th August 2007 08:39

Well ... all answers are positive to your questions.
Yes, install the chrooted SSH (download from sourceforge).
Yes, execute the script (use the one you mentioned, it's better than in the tutorial :) )
Yes, copy the files.
Yes, keep following the tutorial untill the end.
No, never use root as your chrooted user :p

Grtz,
Thanis

LeoLinux 17th August 2007 18:26

hmm thanks .... but the script which I mentioned didn't work ;-( nearly every command endet in a mess .. ... and those mysql pathes aren't there ...

and I'm still not sure if I should do step
Quote:

3 Create The Chroot Environment
Code:

mkdir /home/chroot/
mkdir /home/chroot/home/
cd /home/chroot
mkdir etc
mkdir bin
mkdir lib
mkdir usr
mkdir usr/bin
mkdir dev
mknod dev/null c 1 3
mknod dev/zero c 1 5

before I execute any of those both scripts or not?!


Thank you very much

;-)

Leander

LeoLinux 19th August 2007 10:24

Hi,

has no body an idea, or any good howto?

How far is Falko with his new howto for Etch? ;-)


Leander

falko 20th August 2007 18:20

Quote:

Originally Posted by LeoLinux
How far is Falko with his new howto for Etch? ;-)

I haven't started yet - so many other things to do... But it's on my list. :)


All times are GMT +2. The time now is 15:13.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.