[scponly] Chrooting scponly in Gentoo

TSD Techs junk at tisdaleschooldiv.sk.ca
Fri Mar 10 15:29:14 EST 2006


There we go! I got it working, thanks! It makes sense to me now.

Thanks!

On Thu, 09 Mar 2006 10:18:34 -0700, Paul Hyder wrote
> The message means that the jailed home directory is not owned by 
> root. The home directory has to be owned by root and be write restricted.
> If incoming transfers are permitted, there should be a writeable
> sub directory or mounted directory for the user to use.
>     Paul Hyder
>     NOAA Earth System Research Laboratory, Global Systems Division
>     Boulder, CO
> 
> TSD Techs wrote:
> > Hello,
> > 
> > I am confused as to how I am supposed to chroot my users into their home 
> > directories when using scponly.
> > 
> > I am using Gentoo and have tried using scponly 4.3 and 4.6. I am able to 
log 
> > in fine using non-chrooted scponly, but am having problems using chrooted 
> > scponly, I get the below error in /var/log/messages
> > 
> > Mar  8 11:03:34 www sshd[8796]: Accepted password for testuser from 
> > xx.xxx.xx.xx port 4564 ssh2
> > Mar  8 11:03:34 www sshd[8811]: subsystem request for sftp
> > Mar  8 11:03:34 www scponly[8812]: chroot dir not owned by 
> > root: /home/testuser
> > 
> >>From what I can tell I may need to setup a chroot jail and change 
permissions 
> > on the users home directory? I am a little confused by this. I have read 
> > through the building jails text file and it doesn't look like that is the 
> > cause of hte permission problem (although it may be the next problem once 
I 
> > get past this one). I have also tried running the setup_chroot.sh file 
and I 
> > get this output:
> > 
> > grep: config.h: No such file or directory
> > 
> > your scponly build is not configured for chrooted operation.
> > please reconfigure as follows, then rebuild and reinstall:
> > 
> > ./configure --enable-chrooted-binary (... other options)
> > 
> > However the --enable-chrooted-binary option was run when I compiled 
scponly, 
> > and the binary exists and it does allow me to start logging in but kicks 
out 
> > the permission error.
> > 
> > I can't seem to find anything regarding how to deal with this permissions 
> > issue. Could someone please point me in the right direction?
> > 
> > Thanks!
> > 
> > 
> > 
> > _______________________________________________
> > scponly mailing list
> > scponly at lists.ccs.neu.edu
> > https://lists.ccs.neu.edu/bin/listinfo/scponly




More information about the scponly mailing list