#1  
Old 14th June 2012, 07:56
kafmil kafmil is offline
Junior Member
 
Join Date: Jun 2012
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default Chrooted SSH

I have followed the instructions here, http://www.howtoforge.com/restrictin...debian-squeeze (and many many others) but can't seem to get this working. As soon as I add
Code:
Match User sshuser
       ChrootDirectory /chrootdir
       X11Forwarding no
       AllowTcpForwarding no
I get the errors below when I try to SSH in. I am running Centos 6. make_chroot_jail says I am missing a couple of libraries, but from what I have read they are 32bit, I am running 64. I just can't find anything useful on these errors.
Code:
sshd[22]: Accepted password for sshuser from 123.456.789.012 port 1234 ssh2
sshd[22]: pam_unix(sshd:session): session opened for user sshuser by (uid=0)
sshd[22]: User child is on pid 27
sshd[27]: Changed root directory to "/chrootdir"
sshd[27]: error: mm_receive_fd: no message header
sshd[27]: fatal: mm_pty_allocate: receive fds failed
sshd[27]: error: buffer_get_ret: trying to get more bytes 1 than in buffer 0
sshd[27]: error: buffer_get_char_ret: buffer_get_ret failed
sshd[27]: fatal: buffer_get_char: buffer error
sshd[22]: fatal: mm_request_receive: read: Connection reset by peer
sshd[22]: pam_unix(sshd:session): session closed for user sshuser
Any ideas out there?
Reply With Quote
Sponsored Links
  #2  
Old 15th June 2012, 12:15
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

What's your OpenSSH version? AFAIR you need a version newer than 4.8.

Is this a physical server or a virtual machine? If it's a virtual machine, you might have to increase RAM a bit.

Another guess: is SELinux active?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 18th June 2012, 09:03
kafmil kafmil is offline
Junior Member
 
Join Date: Jun 2012
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default SE Linux

Looks like SE Linux is the culprit, thanks. For some reason though, I get
Code:
su: user root does not exist
when I try to su to the root account. Root is there in the passwd and shadow file, so it should work.

I am also having a lot of hassles getting SELinux to let me through, I am not turning SELinux off, sshd access must be configurable somehow. I will post back here if I figure it out.
Reply With Quote
Reply

Bookmarks

Tags
chroot, ssh

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Jailkit SSH user not chrooted...buy why? LTxda General 4 20th October 2011 17:43
Chrooted environments with Ubuntu and IspConfig hrvbid Installation/Configuration 5 23rd December 2009 18:44
chrooted ssh guide killed perforce v2k Server Operation 3 1st January 2009 10:54
a backup server by RSYNC + SSH in a chrooted environment paguira Server Operation 3 23rd August 2008 16:44
Chrooted SSH & ISPConfig SamTzu HOWTO-Related Questions 8 11th May 2008 23:13


All times are GMT +2. The time now is 06:56.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.