Table of Contents
If you want to send us your comments, please do so. Thanks
More on comments
chroot for ssh
Question: can you login via ssh to chroot for account guest and normal login to an other user account?
Installation
Our experience based on: Tecmint's Restrict ssh user to directory using chrooted jail
Work in progress
mkdir -p /home/guest/dev/ cd /home/guest/dev/ # mknod - make block or character special files mknod -m 666 null c 1 3 mknod -m 666 tty c 5 0 mknod -m 666 zero c 1 5 mknod -m 666 random c 1 8 chown root:root /home/guest chmod 0755 /home/guest ls -ld /home/guest mkdir -p /home/guest/bin cp -v /bin/bash /home/guest/bin/ ldd /bin/bash linux-vdso.so.1 (0x00007ffc1f35f000) libtinfo.so.6 => /lib/x86_64-linux-gnu/libtinfo.so.6 (0x00007f4f94227000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f4f94222000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f4f94061000) /lib64/ld-linux-x86-64.so.2 (0x00007f4f94392000) mkdir -p /home/guest/lib/x86_64-linux-gnu/ # Indeed, both. libtinfo.so.6.1 might be libtinfo.so.6: cp -v /lib/x86_64-linux-gnu/{libtinfo.so.6.1,libdl.so.2,libc.so.6,ld-linux-x86-64.so.2} /home/guest/lib64 cp -v /lib/x86_64-linux-gnu/{libtinfo.so.6.1,libdl.so.2,libc.so.6,ld-linux-x86-64.so.2} /home/guest/lib/x86_64-linux-gnu adduser visitor mkdir /home/guest/etc cp -vf /etc/{passwd,group} /home/guest/etc/ vi /etc/ssh/sshd_config # Define the username to apply the chroot jail to Match User visitor # Specify the chroot jail ChrootDirectory /home/guest systemctl restart sshd ssh visitor@192.168.0.0
Command line
- Backspace works. You do not see the result but it is there
- Arrow up works. Previous command
- Tab expansion works
- Implementing /usr/share/bash-completion seems to be a lot of work because of the dependencies
Errors
Loading shared libraries
- bash: error while loading shared libraries: libtinfo.so.6: cannot open shared object file: No such file or directory
Connection to 192.168.0.0 closed. Solution:
ls -l /lib/x86_64-linux-gnu/libtinfo.so.6 lrwxrwxrwx 1 root root 15 nov 2 2019 /lib/x86_64-linux-gnu/libtinfo.so.6 -> libtinfo.so.6.1 cp -v /lib/x86_64-linux-gnu/libtinfo.so.6.1 /home/guest/lib64/
Solution:
Copy to /home/guest/lib/x86_64-linux-gnu/ cp -v /lib/x86_64-linux-gnu/{libtinfo.so.6.1,libdl.so.2,libc.so.6,ld-linux-x86-64.so.2} /home/guest/lib/x86_64-linux-gnu/
Permission denied
ssh visitor@192.168.0.0 visitor@192.168.0.0's password: Permission denied, please try again.
No such file or directory
/bin/bash: No such file or directory Connection to 192.168.0.0 closed.
Installing addtional software
tmux in chroot environment
See tmux
e3
cp -v /usr/bin/e3vi usr/bin/
You can not save changed files.
ls
cp -v /usr/bin/ls usr/bin/ cp -v /usr/lib/x86_64-linux-gnu/{libselinux.so.1usr,libpcre.so.3} usr/lib/x86_64-linux-gnu/
Useful links
Wikipedia: chroot
Arch wiki: chroot
Prevent users accessing anything but their own home directory
chroot a linux wonder
Restricting ssh user session to a directory chrooted jail
Restrict ssh user to directory using chrooted jail
The chroot-command
Script to automate the creation of chroot jail w/ minimal executables to run git
Yet another how to chroot article
Alpine Linux in a chroot
Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy
RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.