Hello,

I wrote a while back, and the time has come to test a few things. I am
following this tutorial
http://d3v1ous.d3v1ous.info/Helpfull%20Documents%20EN/chroot-openssh-easyest-way,

with SFTP I have no problem, I am chrooted in the homedir, but with an ssh
login things are not quite the same, i.e. I end up in something like /dev/null :))).

Roughly, this is how things look:

/etc/ssh/sshd_config

Subsystem     sftp   internal-sftp

Match Group sftp
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no

This is at the end of the file. The user d3v1ous, in turn, is in the
sftp group:

r...@217-18-252-139:~# id d3v1ous
uid=1000(d3v1ous) gid=1000(d3v1ous) groups=1000(d3v1ous),1001(sftp)
r...@217-18-252-139:~#

In /etc/passwd things look like this:

r...@217-18-252-139:~# grep d3v1ous /etc/passwd
d3v1ous:x:1000:1000:,,,:/home/jail/home/d3v1ous:/bin/bash
r...@217-18-252-139:~#

In /home/jail the directory structure is built according to the tutorial mentioned above.

At login things look like this:

r...@217-18-252-139:~# ssh d3v1...@localhost
d3v1...@localhost's password:
ls
ps x
Connection to localhost closed.
r...@217-18-252-139:~#

In /var/log/auth.log:

r...@217-18-252-139:~# tail /var/log/auth.log
Jul  2 15:29:26 217-18-252-139 sshd[6145]: Accepted password for d3v1ous from 127.0.0.1 port 47889 ssh2
Jul  2 15:29:26 217-18-252-139 sshd[6145]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul  2 15:29:28 217-18-252-139 sshd[6145]: pam_unix(sshd:session): session closed for user d3v1ous
Jul  2 15:34:53 217-18-252-139 sshd[6156]: Accepted password for d3v1ous from 127.0.0.1 port 45580 ssh2
Jul  2 15:34:53 217-18-252-139 sshd[6156]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul  2 15:35:00 217-18-252-139 sshd[6156]: pam_unix(sshd:session): session closed for user d3v1ous
Jul  2 15:35:05 217-18-252-139 sshd[6163]: Accepted password for d3v1ous from 127.0.0.1 port 45581 ssh2
Jul  2 15:35:05 217-18-252-139 sshd[6163]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul  2 15:35:11 217-18-252-139 sshd[6163]: pam_unix(sshd:session): session closed for user d3v1ous
r...@217-18-252-139:~#

A debug login shows nothing wrong.

d3v1...@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
ls
ls -ladebug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0

debug1: channel 0: free: client-session, nchannels 1
Connection to localhost closed.
Transferred: sent 2016, received 2296 bytes, in 7.0 seconds
Bytes per second: sent 287.1, received 327.0
debug1: Exit status 11
r...@217-18-252-139:~#

If you have any suggestions :))

Regards
K. Kirilov

_______________________________________________
Lug-bg mailing list
[email protected]
http://linux-bulgaria.org/mailman/listinfo/lug-bg
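
Why an interactive login under the configuration quoted in the post gets no shell, as an added example that is not part of the original message: sshd_config(5) documents that ForceCommand replaces whatever the client requests, and that internal-sftp selects the in-process SFTP server. The function names are hypothetical, the config text is the fragment from the post, and only plain "Match User" / "Match Group" lists are modelled.

```python
# Added example: resolve which sshd_config settings apply to one user.
# Simplified model (assumption): only "Match User" / "Match Group" with
# plain comma-separated names; no wildcards, negation or other criteria.

# Constructed input: the sshd_config fragment quoted in the post.
SSHD_CONFIG = """\
Subsystem     sftp   internal-sftp

Match Group sftp
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no
"""


def effective_settings(config_text, user, groups):
    """Return the lower-cased keyword -> value map that applies to the user."""
    global_opts, match_opts = {}, {}
    target = global_opts                      # lines before any Match are global
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = " ".join(parts[1].split()) if len(parts) > 1 else ""
        if keyword == "match":
            crit, _, names = value.partition(" ")
            wanted = set(names.split(","))
            hit = (crit.lower() == "user" and user in wanted) or \
                  (crit.lower() == "group" and bool(wanted & set(groups)))
            target = match_opts if hit else None   # None: skip this block
        elif target is not None:
            target.setdefault(keyword, value)      # first value seen wins
    return {**global_opts, **match_opts}           # Match overrides global


def session_outcome(settings, home, requested):
    """Describe what a 'shell' or 'sftp' session request ends up running."""
    chroot = settings.get("chrootdirectory", "none").replace("%h", home)
    forced = settings.get("forcecommand")
    if forced == "internal-sftp":
        # ForceCommand replaces the client's request and the login shell.
        return f"in-process SFTP server, chroot={chroot} (requested: {requested})"
    return f"{forced or requested}, chroot={chroot}"
```

On a live host, `sshd -T -C user=d3v1ous,host=localhost,addr=127.0.0.1` prints the effective settings sshd itself computes for that connection.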
