Chrooted SSH/SFTP On Fedora 7

Discussion in 'HOWTO-Related Questions' started by city, Nov 15, 2007.

  1. city

    city New Member

    Greetings,

    I've completed my installation of the Chroot setup but when I try to connect from
    my remote client. I can get a login, I put in my password and hit enter, then it suddenly closes my connection. Can someone please help? :confused:

    -city-
     
  2. o.meyer

    o.meyer New Member Moderator HowtoForge Supporter ISPConfig Developer

    Hi,

    have you copied the line for your username from /etc/passwd to /home/chroot/etc/passwd ?

    E.g.:

    grep /etc/passwd -e "^testuser" >> /home/chroot/etc/passwd


    Olli
     
  3. city

    city New Member

    hi o.meyer,

    Yes, I've tried using that - even creating the testuser account verbatim like the example. I've tried going back and recompile the openssh-4.5p1-chroot and I noticed that after the make or was it the configure command that it complained about the ssh may not work if there is no PAM config file for. I'll try to get the exact error and post it here again.

    -city-
     
  4. city

    city New Member

    I got this message during the compile of openssh chroot. Could this be the issue, the last few lines of the message?

    Here is the output after I ran the following command from the How-To:

    ./configure --exec-prefix=/usr --sysconfdir=/etc/ssh --with-pam

    output:
    ---------------------------------------------------------------------------------------------------
    OpenSSH has been configured with the following options:
    User binaries: /usr/bin
    System binaries: /usr/sbin
    Configuration files: /etc/ssh
    Askpass program: /usr/libexec/ssh-askpass
    Manual pages: /usr/local/share/man/manX
    PID file: /var/run
    Privilege separation chroot path: /var/empty
    sshd default user PATH: /usr/bin:/bin:/usr/sbin:/sbin
    Manpage format: doc
    PAM support: yes
    OSF SIA support: no
    KerberosV support: no
    SELinux support: no
    Smartcard support: no
    S/KEY support: no
    TCP Wrappers support: no
    MD5 password support: no
    libedit support: no
    Solaris process contract support: no
    IP address in $DISPLAY hack: no
    Translate v4 in v6 hack: yes
    BSD Auth support: no
    Random number source: OpenSSL internal ONLY

    Host: i686-pc-linux-gnu
    Compiler: gcc
    Compiler flags: -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wno-pointer-sign -std=gnu99
    Preprocessor flags:
    Linker flags:
    Libraries: -lpam -ldl -lresolv -lcrypto -lutil -lz -lnsl -lcrypt

    PAM is enabled. You may need to install a PAM control file
    for sshd, otherwise password authentication may fail.
    Example PAM control files can be found in the contrib/
    subdirectory

    -------------------------------------------------------------------------------------------------------
     
  5. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's the output of
    Code:
    ls -l /etc/pam.d
    ?
     

Share This Page