Ladies & Gents
I have been trying to set up a chroot jail for some ssh users. I have been using this how-to http://www.howtoforge.org/chrooted-s...l-debian-lenny
I tried an earlier one from the same author and didn't have success either.
I am at this point.
I am able to login as the "testuser" provided that I change the sshd_config and comment out the settings for "testuser".
The error is
:~$ ssh testuser@kingbee
Debian GNU/Linux squeeze/sid
/bin/bash: Permission denied
Connection to kingbee closed.
The auth.log contains
Sep 29 18:07:56 Kingbee sshd: Connection from 127.0.1.1 port 33898
Sep 29 18:07:56 Kingbee sshd: Failed none for testuser from 127.0.1.1 port 33898 ssh2
Sep 29 18:08:01 Kingbee sshd: Accepted password for testuser from 127.0.1.1 port 33898 ssh2
Sep 29 18:08:01 Kingbee sshd: pam_unix(sshd:session): session opened for user testuser by (uid=0)
Sep 29 18:08:01 Kingbee sshd: Changed root directory to "/home"
Sep 29 18:08:01 Kingbee sshd: User child is on pid 25839
Sep 29 18:08:01 Kingbee sshd: pam_unix(sshd:session): session closed for user testuser
So far nothing I have tried has helped.
There were 2 entries in /home/etc/passwd & shadow in the jail for "testuser". The first one I think was a left over from the first attempt, so I deleted them. That didn't change things.
The /etc/passwd only contain one line for "testuser" and it looks like this
the one in the jail /home/etc/passwd looks like
The only difference I see is that the home directory is different and points inside the jail from outside.
The permissions on /home/testuser are drwx------(700) and all the files and folders in it are owned by testuser.
The script that builds the jail comes form http://www.fuschlberger.net/programs...p-chroot-jail/
and talks about pam causing login problems.
If you cannot log in (for example on Debian Sarge) and see a warning like "su: Module is unknown" then comment out the following line from $JAIL/etc/pam.d/su:
#session required pam_limits.so
After that logging in will work, although I can't explain why the module in $JAIL/lib/security/ is not found and used.
But I don't have /home/jail/etc/pam.d/su I have the folder but not the file. But my error says nothing about a module. I do have /home/etc/pam.d/su and the above is commented out.
I am able to manually enter the jail as root.
Thanks for any advice you can give me.