- - Chrooted SSH
||14th June 2012 08:56
I have followed the instructions here, http://www.howtoforge.com/restrictin...debian-squeeze
(and many many others) but can't seem to get this working. As soon as I add
Match User sshuser
I get the errors below when I try to SSH in. I am running Centos 6. make_chroot_jail says I am missing a couple of libraries, but from what I have read they are 32bit, I am running 64. I just can't find anything useful on these errors.
sshd: Accepted password for sshuser from 123.456.789.012 port 1234 ssh2
sshd: pam_unix(sshd:session): session opened for user sshuser by (uid=0)
sshd: User child is on pid 27
sshd: Changed root directory to "/chrootdir"
sshd: error: mm_receive_fd: no message header
sshd: fatal: mm_pty_allocate: receive fds failed
sshd: error: buffer_get_ret: trying to get more bytes 1 than in buffer 0
sshd: error: buffer_get_char_ret: buffer_get_ret failed
sshd: fatal: buffer_get_char: buffer error
sshd: fatal: mm_request_receive: read: Connection reset by peer
sshd: pam_unix(sshd:session): session closed for user sshuser
Any ideas out there?
||15th June 2012 13:15
What's your OpenSSH version? AFAIR you need a version newer than 4.8.
Is this a physical server or a virtual machine? If it's a virtual machine, you might have to increase RAM a bit.
Another guess: is SELinux active?
||18th June 2012 10:03
Looks like SE Linux is the culprit, thanks. For some reason though, I get
su: user root does not exist
when I try to su to the root account. Root is there in the passwd and shadow file, so it should work.
I am also having a lot of hassles getting SELinux to let me through, I am not turning SELinux off, sshd access must be configurable somehow. I will post back here if I figure it out.
|All times are GMT +2. The time now is 09:04.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.