[scponly] chroot user to home directory
Casper
kl at os.lv
Wed Apr 26 14:21:33 EDT 2006
Hi,
I wanted to make one user with only sftp/scp available and that user
is chrooted to his home directory.
I`m using freebsd 6.0 jail and compiled scponly-4.6 with:
./configure --prefix=/usr/scponly --enable-chrooted-binary && make &&
make install
with "make jail" I created user and chroot.
But when I try to login:
root at server# sftp user at localhost
Connecting to localhost...
Password:
Connection closed
Logs:
20:42:17 server sshd[2119]: error: PAM: authentication error for user
from server
20:42:18 server sshd[2119]: Accepted keyboard-interactive/pam for user
from 172.1.1.1 port 57019 ssh2
20:42:18 server sshd[2123]: _secure_path: cannot stat
/data//.login_conf: Permission denied
20:42:18 server sshd[2123]: subsystem request for sftp
20:42:18 server sshd[2124]: _secure_path: cannot stat
/data//.login_conf: Permission denied
20:42:18 server scponly[2124]: chrooted binary in place, will chroot()
20:42:18 server scponly[2124]: running: /usr/libexec/sftp-server
(username: user(1001), IP/port: 172.1.1.1 57019 22)
20:42:18 server scponly[2124]: failed: /usr/libexec/sftp-server with
error Permission denied(13) (username: user(1001), IP/port: 172.1.1.1
57019 22)
What is with .login_conf permissions, I created file and chmod 777
permission to test it, nothing changes...
And with scponly debuglevel 1 I did not find more information about what
sftp-server permission problems...
Any body can comment how to chroot user with scponly? Chroot seems to
have all files and sftp-server working...
thanks,
Casper
More information about the scponly
mailing list