[scponly] Need help with chrooted scponly 4.6 on centos 5
Kaleb Pederson
kibab at icehouse.net
Sat Sep 15 17:48:27 EDT 2007
On Saturday 15 September 2007, Security Team wrote:
> This is the only scary message:
>
> # ldconfig -r /home/userguy -v
> ldconfig: Can't stat /usr/ofed/lib: No such file or directory
It just means that /etc/ld.so.conf (within the chroot) references a folder
that doesn't exist.
> > Also, you might try copying /bin/sh into the chroot temporarily, and
> > making sure that you can chroot to the directory manually, and then run
> > sftp-server as the person that you are trying to connect as.
>
> Unclear on this part, but I'm re-reading this sentence a couple times to
> figure out what to try.
Basically, a good way to test is to copy /bin/sh into the chroot (as /bin/sh),
and then do the same thing manually that scponly does. It's something like
this:
$ CHROOTDIR=/path/to/your/chroot
$ cp /bin/sh $CHROOTDIR/bin
$ chroot $CHROOTDIR /bin/sh
$ /path/to/your/sftp-server
If the last command just sits there and doesn't exit, then it's probably
working. You might also see library errors, permission problems, etc.
--Kaleb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070915/d1d38612/attachment.bin
More information about the scponly
mailing list