chroot'ing SSH home directories, shell problem.

Posted by Hamza on Server Fault See other posts from Server Fault or by Hamza
Published on 2010-05-11T13:00:25Z Indexed on 2010/05/11 13:04 UTC
Read the original article Hit count: 439

Filed under:

ssh

|

openssh

|

chroot

|

shell

Hi folks,

I am trying to chroot my SSH users to their home directories and it seems to work.. in a strange way. Here is what I have in my sshd_config:

Match group restricthome
    ChrootDirectory %h

The permissions on the user directories looks like this:

drwxr-xr-x  2 root root 1024 May 11 13:45 [user]/

And I can see that the user logs in successfully:

May 11 13:49:23 box sshd[5695]: Accepted password for [user] from x.x.x.x port 2358 ssh2 (with no error messages after this)

But after entering the password the PuTTY window closes down.

This is a wild guess, but could it be because the user's shell is set to /bin/bash and it can't execute because of the chroot? If so, could you give me pointers on how to fix it? Would simply copying the bash binary into user's home directory and modyfying the shell work? How would I deal with the dependencies, ldd shows quite a few of those :)

Comments/suggestions will be appreciated.

Thanks.

© Server Fault or respective owner

Related posts about ssh

Problem with hadoop start-dfs.sh

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed and configured hadoop on my Ubuntu 14.04 server, virtualized inside of hyper-v, however I am getting an issue when i run start-dfs.sh root@sUbuntu01:/var/log# start-dfs.sh 14/06/04 15:27:08 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java… >>> More
SSH problems (ssh_exchange_identification: read: Connection reset by peer)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I was running 11.10 and decided to do the full upgrade and come up to 12.04 after the update SSH (not SSHD) is now misbehaving when attempting to connect to other OpenSSH instances. I say OpenSSH as I am running a DropBear sshd on my router and I am able to connect to it. When attempting to connect… >>> More
SSH main process ended

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running ubuntu server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
SSH server not working (respawns until stopped)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a running Ubuntu Server 10.04.1. When I tried to login to the server via ssh, I could not. Instead, I got connection refused error. I tried to ping the machine and I got reply! So, the clear reason is that SSH daemon is stopped. After reboot, I was able to login to my server via ssh. After… >>> More
Cannot SSH after resetting firewall on VPS

as seen on Server Fault - Search for 'Server Fault'
I'm having trouble trying to SSH to my Debian 5 VPS with blacknight. It was working fine until I did the following: Logged into 'Parallels Infrastructure Manager' - Container - Firewall - Set to 'Normal Firewall settings'. It told me there was an error with the IPTables and offered the option again… >>> More

Related posts about openssh

OpenSSH 5.9p1 on Ubuntu 11.10

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I want to build a deb package with the latest version of openssh from source. Then I want to install it on my machine. I am running: Linux Ubuntu-1110-oneiric-64-minimal 3.0.0-12-server #20-Ubuntu SMP Fri Oct 7 16:36:30 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux To achieve my goal I do: wget ftp://ftp… >>> More
SSH is not working .. Password promt is not coming

as seen on Server Fault - Search for 'Server Fault'
I am not able to SSH into my ubuntu server since yesterday. I am not using any keyless or public key method.. Its simple SSH with username and password everytime.. However I can do a VNC session running on my ubuntu server.. But I am afraid that if the vnc session goes out, I wont be having any… >>> More
Basic proxy with OpenSSH, Cygwin, Putty

as seen on Server Fault - Search for 'Server Fault'
I know this is probably a common question, but after looking around for a few hours (on this site and others), I can't find a solution. I'm trying to set up a simple proxy. I already have a server running Windows Server 2008. I've installed Cygwin and have OpenSSH installed. I also have sshd (the… >>> More
Chroot with CentOS 5.3 + openssh 4.3p2

as seen on Server Fault - Search for 'Server Fault'
OS: CentOS 5.3, with openssh 4.3p2 Trying to set 'chroot' in ssh shell, but openssh version prior to 4.8 doesn't take below settings. yum update openssh open up to version 4.3 which is quite old. Doesn't CentOS support openssh 4.8 or up? If that's the case, how to set chroot with openssh 4.3? or… >>> More
OpenSSH SFTP server with chroot()

as seen on Server Fault - Search for 'Server Fault'
I am currently setting up an SFTP server but there is one detail I can't seem to figure out. When I add a user, I would like him to connect using his client and be able to write in his "root dir" right away. My Match case for the SFTP-users group currently has ChrootDirectory set as "/home/%u",… >>> More