  #1  
1st April 2008, 18:50
badgerbox76
Chrooted SSH Howto - User getting disconnected on authentication

I created a user called david attached to the group users. When I try to log in via PuTTY I get disconnected instantly right after putting in the password. Why is it rejecting me? The PuTTY window just goes away with no message.


User from /etc/passwd
Code:
 david:x:1002:100:david:/home/chroot/./home/david:/bin/bash
Group file
Code:
users:x:100:
Code:
root@atlbricks:/home/chroot# ls
bin  dev  etc  home  lib  usr
root@atlbricks:/home/chroot#
  #2  
2nd April 2008, 11:24
till

1) Did you create the chroot environment for the user david with the chroot environment creation script provided in the howto?
2) Please post the output of:

ls -la /home/chroot/home/david
__________________
Till Brehm
  #3  
3rd April 2008, 17:32
badgerbox76

I copied and pasted the APPS text into the terminal and hit return with the sudo command in front, but the one script seems to be missing.

http://www.howtoforge.com/chrooted_ssh_howto_debian_p2

Code:
systemadmin@atlbricks:~$ ls -la /home/chroot/home/david
total 20
drwxr-xr-x 2 david users 4096 Apr  1 00:41 .
drwxr-xr-x 3 root  root  4096 Apr  1 00:41 ..
-rw-r--r-- 1 david users  220 Apr  1 00:41 .bash_logout
-rw-r--r-- 1 david users  414 Apr  1 00:41 .bash_profile
-rw-r--r-- 1 david users 2227 Apr  1 00:41 .bashrc
systemadmin@atlbricks:~$
  #4  
4th April 2008, 19:06
badgerbox76

OK, I made a file with that script and ran it; this is what I get:

Code:
root@atlbricks:/home/chroot# ls
bin  dev  etc  home  lib  script.sh  usr
root@atlbricks:/home/chroot# sh script.sh
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
root@atlbricks:/home/chroot#
  #5  
4th April 2008, 19:24
falko

Quote:
Originally Posted by badgerbox76
root@atlbricks:/home/chroot# sh script.sh
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
cp: cannot stat `(0xffffe000)': No such file or directory
root@atlbricks:/home/chroot#
This is nothing to worry about.

Do the passwd, shadow, and group files exist in the chroot jail?
Any errors in your auth.log?
__________________
Falko
  #6  
5th April 2008, 00:03
badgerbox76

OK, I am an idiot; I should have followed your instructions completely and I did not. Anyway, I started over and now everything is working great. Thanks for all your help. BTW I cannot say this enough: you and your friend have done a great job at creating a wonderful site, and your support and time are superb. I tell everyone about it!
  #7  
7th April 2008, 02:35
toceguera
Another Idiot

Hi,

Well I must be an idiot too because I followed the howto to the letter and I get the same error where putty just exits after password entry. Maybe you can help me out by writing exactly what you did to correct the problem.

user testuser

ls -al on the different directories

root@srv-02:/home/chroot# ls -la home/testuser/
total 20
drwxr-xr-x 2 testuser users 4096 2008-04-06 16:56 .
drwxr-xr-x 3 root root 4096 2008-04-06 16:56 ..
-rw-r--r-- 1 testuser users 220 2008-04-06 16:56 .bash_logout
-rw-r--r-- 1 testuser users 414 2008-04-06 16:56 .bash_profile
-rw-r--r-- 1 testuser users 2227 2008-04-06 16:56 .bashrc
root@srv-02:/home/chroot#

root@srv-02:/home/chroot# ls -la etc
total 20
drwxr-xr-x 2 root root 4096 2008-04-06 17:20 .
drwxr-xr-x 8 root root 4096 2008-04-06 17:09 ..
-rw-r--r-- 1 root root 13 2008-04-06 17:13 group
-rw-r--r-- 1 root root 101 2008-04-06 16:56 passwd
-rw-r----- 1 root root 1548 2008-04-06 17:20 shadow
root@srv-02:/home/chroot#

I had to copy the shadow file there myself


The auth log info --

root@srv-02:/home/chroot# tail -f /var/log/auth.log
Apr 6 17:09:01 srv-02 CRON[27462]: (pam_unix) session opened for user root by (uid=0)
Apr 6 17:09:01 srv-02 CRON[27462]: (pam_unix) session closed for user root
Apr 6 17:09:30 srv-02 sshd[27721]: Accepted password for testuser from 66.xx.xx.xxx port 2228 ssh2
Apr 6 17:14:53 srv-02 sshd[27242]: Received signal 15; terminating.
Apr 6 17:14:53 srv-02 sshd[27834]: Server listening on :: port 22.
Apr 6 17:14:53 srv-02 sshd[27834]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Apr 6 17:15:06 srv-02 sshd[27839]: Accepted password for testuser from 66.xx.xx.xxx port 2297 ssh2
Apr 6 17:17:01 srv-02 CRON[27867]: (pam_unix) session opened for user root by (uid=0)
Apr 6 17:17:01 srv-02 CRON[27867]: (pam_unix) session closed for user root
Apr 6 17:20:51 srv-02 sshd[27916]: Accepted password for testuser from 66.xx.xx.xxx port 2574 ssh2

etc/passwd file
root:x:0:0:root:/root:/bin/bash
testuser:x:20001:100:testuser:/home/chroot/./home/testuser:/bin/bash
etc/passwd (END)

etc/group file

users:x:100:
etc/group (END)

Any help would be appreciated.

TIA
  #8  
7th April 2008, 14:35
badgerbox76

Let's just start over again since there is nothing to lose.

Follow the instructions on this page, then come back to this post and run the commands.

http://www.howtoforge.com/chrooted_ssh_howto_debian

Copy each line individually
Code:
mkdir /home/chroot/
cd /home/chroot
mkdir etc
mkdir bin
mkdir lib
mkdir usr
mkdir usr/bin
mkdir dev
mknod dev/null c 1 3
mknod dev/zero c 1 5

Code:
cd
sudo nano create_chroot_env
Now copy and paste
Code:
APPS="/bin/bash /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh /bin/ping /usr/bin/dircolors"
for prog in $APPS;  do
        cp $prog ./$prog

        # obtain a list of related libraries
        ldd $prog > /dev/null
        if [ "$?" = 0 ] ; then
                LIBS=`ldd $prog | awk '{ print $3 }'`
                for l in $LIBS; do
                        mkdir -p ./`dirname $l` > /dev/null 2>&1
                        cp $l ./$l
                done
        fi
done
Then hold down control and tap O to save the file

Code:
sudo ./create_chroot_env
# or
sudo sh create_chroot_env
Copy and paste each line.
Code:
cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/
echo '#!/bin/bash' > usr/bin/groups
echo "id -Gn" >> usr/bin/groups
touch etc/passwd
grep /etc/passwd -e "^root" > etc/passwd
grep /etc/group -e "^root" -e "^users" > etc/group
/etc/init.d/ssh restart
Note you can change the testuser to any user name you like
Code:
useradd -s /bin/bash -m -d /home/chroot/./home/testuser -c "testuser" -g users testuser
Give the new user a password
Code:
passwd testuser
Copy the password
Code:
grep /etc/passwd -e "^testuser" >> /home/chroot/etc/passwd
Code:
grep /etc/group -e "^othergroup" >> /home/chroot/etc/group
Let me know if it works now, I had to start the howto over before it worked for me.
  #9  
29th December 2008, 19:53
Desp
Errors

Hi
I am trying to set up SSH chroot on Ubuntu Server 8.04 Hardy and I followed all the steps in the howto, but when I tried to ssh in as the user testuser the terminal just closed after entering the password. I have checked the log file auth.log and it shows that the user testuser logged in successfully.
So I restarted from the beginning as you say, and when I came to this part:
root@oracle:~# sudo sh create_chroot_env
cp: cannot create regular file `.//bin/bash': No such file or directory
cp: cannot create regular file `.//bin/ls': No such file or directory
cp: cannot create regular file `.//bin/mkdir': No such file or directory
cp: cannot create regular file `.//bin/mv': No such file or directory
cp: cannot create regular file `.//bin/pwd': No such file or directory
cp: cannot create regular file `.//bin/rm': No such file or directory
cp: cannot create regular file `.//usr/bin/id': No such file or directory
cp: cannot create regular file `.//usr/bin/ssh': No such file or directory
cp: cannot create regular file `.//bin/cp': No such file or directory
cp: cannot create regular file `.//bin/getegg': No such file or directory
cp: cannot create regular file `.//bin/getpsy': No such file or directory
cp: cannot create regular file `.//bin/ping': No such file or directory
cp: cannot create regular file `.//usr/bin/dircolors': No such file or directory

I really don't get what I should do after that. Please help me because I am setting up a server for the public.
Regards
  #10  
30th December 2008, 01:53
Desp
chroot

Hi again
I have fixed the errors above, but it is back to the first result: the terminal closes when you type the testuser password.
When it comes to the make install part there is a message that PAM is installed, but it seems that you need to install the PAM control panel. Could that be the problem?
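Both copy failures shown in this thread trace back to the script in post #8: the `(0xffffe000)` errors in post #4 come from taking field 3 of every `ldd` line, and the `.//bin/bash` errors in post #9 come from running it in a directory other than `/home/chroot`. The following is an added example, not the howto's or any poster's script; the function names are hypothetical, and it takes the jail root as an explicit argument and also picks up the dynamic loader line that `ldd` prints without `=>`.

```shell
#!/bin/sh
# Added example (hypothetical function names): fill a chroot jail with
# programs and the shared libraries they need. The jail root is an explicit
# argument, so the result does not depend on the current directory.

# Read `ldd` output on stdin and print one absolute library path per line.
#   libc.so.6 => /lib/libc.so.6 (0xb7e2d000)  -> field 3
#   /lib/ld-linux.so.2 (0xb7f9a000)           -> field 1 (the dynamic loader)
#   linux-gate.so.1 =>  (0xffffe000)          -> kernel vDSO, no file: skipped
ldd_paths() {
    awk '$2 == "=>" && $3 ~ /^\// { print $3; next }
         $1 ~ /^\//               { print $1 }'
}

# copy_into_jail JAIL FILE: copy FILE to the same absolute path below JAIL.
copy_into_jail() {
    mkdir -p "$1$(dirname "$2")" && cp "$2" "$1$2"
}

# populate_jail JAIL PROG...: copy each program and every library it links to.
populate_jail() {
    jail=$1; shift
    [ -d "$jail" ] || { echo "jail root $jail does not exist" >&2; return 1; }
    for prog in "$@"; do
        copy_into_jail "$jail" "$prog" || return 1
        # Static binaries and scripts yield no paths, so this loop is skipped.
        for lib in $(ldd "$prog" 2>/dev/null | ldd_paths); do
            copy_into_jail "$jail" "$lib" || return 1
        done
    done
}

# missing_in_jail JAIL PROG...: print every program or library path that is
# absent below JAIL, so an incomplete jail is caught before a user logs in.
missing_in_jail() {
    jail=$1; shift
    for prog in "$@"; do
        for f in "$prog" $(ldd "$prog" 2>/dev/null | ldd_paths); do
            [ -e "$jail$f" ] || echo "$f"
        done
    done
}

# Usage: sh populate_jail.sh /home/chroot /bin/bash /bin/ls ...
if [ "$#" -ge 2 ]; then
    populate_jail "$@" && missing_in_jail "$@"
fi
```

Empty output from `missing_in_jail` means every listed program and each library `ldd` reports for it exists inside the jail.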