HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   Chrooted functionality? (http://www.howtoforge.com/forums/showthread.php?t=5614)

ctroyp 18th July 2006 17:21

Chrooted functionality?
 
I have successfully upgraded to version 2.2.5 and just tested the chroot function. I logged in using a non-admin user and was able to access higher levels above the user's jailed directory. I could get all the way up to root. :eek: Is this not a security issue? What do I need to do?

till 18th July 2006 18:38

http://www.howtoforge.com/forums/sho...47&postcount=7

ctroyp 18th July 2006 19:10

Excellent!!! Thanks again till!

ctroyp 18th July 2006 19:55

Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.

edge 18th July 2006 22:10

I'm having the same problem with an updated server!

When I install ISPconfig on a clean Debian system (I love VMware) it's working fine!

*** Edit ***

I'm wrong.. It's also working on the old system... So I'm not having any problems.. All I needed was a SSH restart

till 19th July 2006 07:45

Quote:

Originally Posted by ctroyp
Hmm, I installed openssh-4.2p1-chroot and followed the remaining commands in step 2 from the tutorial http://www.howtoforge.com/chrooted_ssh_howto_debian , restarted sshd and ISPConfig, but I can still break out of the jailed dir. Any initial ideas?

Btw, this is Fedora Core 4, rather than Debian, but that shouldn't matter I don't think.

Did you enable SSH chrooting in ISPConfigs config.inc.php file?

Quote:

Then you will have to enable it in ISPConfig in the file config.inc.php, set:

$go_info["server"]["ssh_chroot"] = 1;

The user account will be chrooted for every user with SSH enabled that you create or update.

ctroyp 19th July 2006 12:45

Quote:

Originally Posted by till
Did you enable SSH chrooting in ISPConfigs config.inc.php file?

Yes, from /home/admispconfig/ispconfig/scripts/config.inc.php .

falko 19th July 2006 13:54

Did you restart SSH?

ctroyp 19th July 2006 21:05

Quote:

Originally Posted by falko
Did you restart SSH?

Yes, but I get the following:
Code:

[root@server2 ~]# /etc/init.d/sshd restart
Stopping sshd:                                            [  OK  ]
Starting sshd: /etc/ssh/sshd_config line 74: Unsupported option GSSAPIAuthentication
/etc/ssh/sshd_config line 76: Unsupported option GSSAPICleanupCredentials
                                                          [  OK  ]


falko 20th July 2006 12:42

What's in /etc/ssh/sshd_config? Did you change that file?


All times are GMT +2. The time now is 00:32.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.