Jailer user and ssh-keygen home

Discussion in 'General' started by nanoarmando, Oct 4, 2019.

  1. nanoarmando

    nanoarmando New Member

    Hi guys, I hope you are well.

    I would like to ask you about a problem that is not serious, but if I would like to know why it is happening.

    When i create a new website and its respective jailed shell user, in some cases when i run ssh-key the default path is /.ssh/id_rsa and other times it is /home/*user*/.ssh/id_rsa.

    Could you tell me what i should do to always get /home/*user*/.ssh/id_rsa path ?

    Thx.
    P.D: Congrats, ispconfig its great ! :)
     

    Attached Files:

  2. ahrasis

    ahrasis Well-Known Member

    I don't think this is ISPConfig related, right? So try to use general linux board next time.

    If I understand your issue correctly, to create ssh key in specific root user path, you have to login as that user, otherwise if you login as general root user, you'll get it created in the general path.
     
  3. Jesse Norell

    Jesse Norell Well-Known Member

    That looks like the two accounts are on different servers; did you have jailkit installed at the time you installed ISPConfig on both of them? If not, try downloading the installation source and run update.php and choose yes to reconfigure services.

    Other than that, how do you login as the user? Ie. as "c1mailer.jbcode" and "c1packagist.jbcode" in your examples. If that different, eg. one was via ssh, the other via root running ssh, perhaps it could differ. Check the /etc/passwd files inside the jails of both accounts, do the entries differ in the homedir path there?
     
  4. nanoarmando

    nanoarmando New Member

    Yes, both accounts are on the same server and both are jailed users. It's weird, as I explained is a different behavior on the same server and jailed users.

    /etc/passwd file show the following info (This is a confirmation that both users are on the same server and are jailed users):
    web21:x:5007:5005::/var/www/clients/client1/web21/./home/web21:/usr/sbin/jk_chrootsh
    c1mailer.jbcode:x:5007:5005::/var/www/clients/client1/web21/./home/c1mailer.jbcode:/usr/sbin/jk_chrootsh
    web23:x:5008:5005::/var/www/clients/client1/web23/./home/web23:/usr/sbin/jk_chrootsh
    c1satis.jbcode:x:5008:5005::/var/www/clients/client1/web23/./home/c1satis.jbcode:/usr/sbin/jk_chrootsh

    Thx you guys.. for your help
     
  5. Jesse Norell

    Jesse Norell Well-Known Member

    what are contents of /etc/passwd from inside the 3 jails? (paste text here in a
    Code:
    [code]
    block if it's easier than taking screenshots).
     
  6. nanoarmando

    nanoarmando New Member

    ok, there it is

    User: c1satis.jbcode
    Code:
    cat /etc/passwd
    root:x:0:0:root:/root:/bin/bash
    c1satis.jbcode:x:5008:5005:::/bin/bash
    
    User: c1mailer.jbcode
    Code:
    [email protected]:~$ cat /etc/passwd 
    root:x:0:0:root:/root:/bin/bash
    c1mailer.jbcode:x:5007:5005::/home/c1mailer.jbcode:/bin/bash
    
     
  7. Jesse Norell

    Jesse Norell Well-Known Member

    Well, there's the reason for the difference, the home dir is set in one passwd file and missing in the other.

    I don't know why that would happen. It's easy enough to fix, but if it continues to happen in the future, the actual cause will need to be determined. Do you know of any differences in how or when the two were made? Eg. maybe all the "good" passwd entries are older, and "bad" are new, or vice-versa? Maybe you added some shell users without jailkit, then added it later? Or anything like that....
     
  8. nanoarmando

    nanoarmando New Member

    All users were created in the same way.
    Sites -> shell users -> new shell users.
    All users were created under jailkit (I have the "none" option disabled).

    I have one question..
    Can i try to modify the /etc/passwd file of each user with root user to fix the difference without affecting the operation of ipsconfig.

    Thanks Jesse i really appreciate your help.
     
  9. Jesse Norell

    Jesse Norell Well-Known Member

    Yes, that should work fine, then just keep an eye on new shell users to see if any of them are created with a home dir missing.
     

Share This Page