Jailkit user can't log in. Connection closed after welcome message.

Discussion in 'Installation/Configuration' started by simonb, Nov 1, 2011.

  1. simonb

    simonb New Member

    I have Ispconfig installed on Ubuntu 10.04 LTS according to the installation instructions.

    Jailkit is version 2.11-1.

    When I create a chrooted SSH user the session is dropped as soon as it is started. With the following output...

    Linux ispconfig.bkwsu.eu 2.6.32-33-server #72-Ubuntu SMP Fri Jul 29 21:21:55 UTC 2011 x86_64 GNU/Linux
    Ubuntu 10.04.3 LTS
    Welcome to the Ubuntu Server!
     * Documentation:  http://www.ubuntu.com/server/doc
      System information as of Tue Nov  1 08:21:13 GMT 2011
      System load:  0.0               Processes:           137
      Usage of /:   23.5% of 8.25GB   Users logged in:     1
      Memory usage: 43%               IP address for eth0:
      Swap usage:   0%
      Graph this data and manage this system at https://landscape.canonical.com/
    6 packages can be updated.
    0 updates are security updates.
    Last login: Tue Nov  1 08:09:33 2011 from xxx-xxx-xx.zone3.bethere.co.uk
    Connection to myserver.com closed.

    /var/log/auth contains the following record...

    Nov  1 08:21:13 ispconfig sshd[4342]: Accepted password for userintranet from port 60907 ssh2
    Nov  1 08:21:13 ispconfig sshd[4342]: pam_unix(sshd:session): session opened for user userintranet by (uid=0)
    Nov  1 08:21:14 ispconfig sshd[4415]: Received disconnect from 11: disconnected by user
    Nov  1 08:21:14 ispconfig sshd[4342]: pam_unix(sshd:session): session closed for user userintranet
    I read in other posts that the user must be created by the reseller, not admin. I have tried both and get the same result.

    The entries in /etc/passwd and /etc/group are...

    The directory, /var/www/clients/client1/web2/./home/userintranet, is owner:group as web2:client1.

    The message in the log, "disconnected by user" is strange. I am logging in using openssh on Ubuntu. I can log in to any other server I use using the same client.

    Also worth noting that I have two separate Ispconfig 3 installations. Both behave in the same way.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Login to ispconfig, disable the shell user, click save, then enable the shell user and wait at least a minute. Then try to login again.
  3. simonb

    simonb New Member

    Hi Till,

    Thanks for the amazingly fast response!

    I just tried disabling the account, waiting a few minutes, enabling the account, waiting a few minutes. No change.

    I then tried disabling the account, re-enabling immediately after Save, waiting a few minutes. Again, no change.

    I'm curious, should the shell in /etc/passwd really be /bin/false?
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    No, the shell must be the chroot shell from jailkit. This might be related to a bug in your ispconfig version. Please update your server to ispconfig and then disable / enable the shell user again.
  5. simonb

    simonb New Member

    Hi Till,

    After upgrading and running /usr/local/ispconfig/server/server.sh at the command line I found the problem.

    I had symlinked /var/www and /var/lib/mysql to a data partition and this was causing some upset.

    Trying to bind-mount it caused other problems (unable to create hardlinks to /var/run) so I mounted the whole /var directory to the data partition.

    Everything is working now and the shell defined in /etc/passwd is now /usr/sbin/jk_chrootsh.

    Thanks for all your help!


Share This Page