I'm running into some problems configuring everything to work.
I have my user created.
sftpaccount:x:60010:1:SFTP Account for client:/usr/prms/ftp/chroot/./home/sftpaccount:/bin/sh
"chroot chroot_directory /bin/sh" works and puts me in 'jail'.
But when I sftp or ssh using this account I can traverse the file system...
On the openssh-chroot site:
***************
Q: Why isn't my user chrooted when I log in?
So far this has happened for three reasons. The first one is quite simple,
the patch isn't applied. Not sure how it is expected that the system will
chroot you magically, but whatev.
Second, the daemon you're logging into isn't the correct one. This happens
when you install the daemon into /usr/local and your system already has a
daemon in /usr that is being started, not yours. I don't doubt that there
are other reasons, but these are the two I've encountered so far.
Third, did you forget to put that magic token in the user's home directory?
Remember that the code looks for a '.' in there. This is explained more in
here.
***************
1) I'm pretty sure the patch is applied. I ran ./configure, then make, then
make install and got no error messages.
2) I don't understand this. I checked both /usr/bin and /usr/local/bin and
ssh is in both.
# ls -l /usr | grep ssh
# ls -l /usr/bin | grep ssh
-r-xr-xr-x 1 root bin 936696 Jun 5 2006 ssh
-r-xr-xr-x 1 root bin 730732 Jun 5 2006 ssh-add
-r-xr-xr-x 1 root bin 656108 Jun 5 2006 ssh-agent
-r-xr-xr-x 1 root bin 731420 Jun 5 2006 ssh-keygen
# ls -l /usr/local/bin | grep ssh
lrwxrwxrwx 1 root other 5 Jan 10 15:10 slogin -> ./ssh
-rwxr-xr-x 1 root other 270172 Jan 10 15:10 ssh
-rwxr-xr-x 1 root other 91136 Jan 10 15:10 ssh-add
-rwxr-xr-x 1 root other 76568 Jan 10 15:10 ssh-agent
-rwxr-xr-x 1 root other 115340 Jan 10 15:10 ssh-keygen
-rwxr-xr-x 1 root other 154880 Jan 10 15:10 ssh-keyscan
3) The '.' is in the home directory path in /etc/passwd for the user.
I'm guessing my problem lies in number 2 above but I don't know where to
start.
Thanks,
Travis
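
A sketch of checks for the FAQ's second and third reasons, as an added example that is not part of the original post or of the openssh-chroot project. It assumes the patch treats the part of the home directory before "/./" as the chroot directory; the function names and the sample ps lines are made up for illustration.

```shell
#!/bin/sh
# Added example: checks for the quoted FAQ's reasons two and three.

# split_chroot_home PASSWD_LINE
# Prints "<chroot_dir> <home_inside_jail>" when field 6 (the home directory)
# contains the "/./" token; returns 1 when the token is missing.
# Assumption: the patched daemon splits the home directory at "/./".
split_chroot_home() {
    home=$(printf '%s\n' "$1" | awk -F: '{print $6}')
    case "$home" in
        */./*) ;;
        *) return 1 ;;
    esac
    jail=${home%%/./*}        # everything before the token
    inside=/${home#*/./}      # path as seen from inside the jail
    printf '%s %s\n' "$jail" "$inside"
}

# sshd_from_ps
# Reads "pid args" lines on stdin and prints "<pid> <path>" for every process
# whose command line names a binary called sshd, so the path can be compared
# with the prefix the patched build was installed under.
sshd_from_ps() {
    awk '{ for (i = 2; i <= NF; i++)
               if ($i ~ /\/sshd$/) { print $1, $i; break } }'
}

# The passwd entry from the post.
entry='sftpaccount:x:60010:1:SFTP Account for client:/usr/prms/ftp/chroot/./home/sftpaccount:/bin/sh'
split_chroot_home "$entry" || echo "no /./ token in home directory"

# Constructed ps output; the sshd path shown is a placeholder, not from the post.
printf '%s\n' '  412 /usr/lib/ssh/sshd' '  977 -sh' | sshd_from_ps

# On the live host, feed it the real process list:
#   ps -e -o pid= -o args= | sshd_from_ps
```

If the path reported for the running daemon is not under the prefix used by make install, the listening sshd is not the patched build.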