Re: [Jailkit-users] ssh from jailed user

I've tried to create a new user / jail :
#useradd githplus2
#jk_init -j /srv/gan-w17-disk1/githplus2 basicshell editors extendedshell netutils ssh sftp scp jk_lsh
#jk_jailuser -m -j /srv/gan-w17-disk1/githplus2 githplus2
#passwd githplus2
<set password>

Then I edit /srv/gan-w17-disk1/githplus2/etc/passwd and changed githplus2's shell to /bin/bash.

address@hidden gan-w17-disk1]# ll /srv/gan-w17-disk1/githplus2/dev/null
crw-rw-rw- 1 root root 1, 3 Sep 15 04:30 /srv/gan-w17-disk1/githplus2/dev/null

address@hidden gan-w17-disk1]# chmod 777 /srv/gan-w17-disk1/githplus2/dev/null
address@hidden gan-w17-disk1]# ssh address@hidden
Password:

address@hidden ~]$ ls -la /dev/null
crwxrwxrwx 1 root root 1, 3 Sep 15 04:30 /dev/null

address@hidden ~]$ ssh 127.0.0.1
Couldn't open /dev/null: Permission denied

Still have the same problem.

Regards,
Cédric

Le 17/02/2014 09:43, OCEANET - Cédric BASSAGET a écrit :

Hi,

I've created jail with jk_jailuser and jk_init.

I've tried many things :

address@hidden ~]# jk_init -j /srv/gan-w17-disk1/githplus terminfo ssh sftp scp
Device /srv/gan-w17-disk1/githplus/dev/urandom does exist already
Device /srv/gan-w17-disk1/githplus/dev/tty does exist already
Device /srv/gan-w17-disk1/githplus/dev/null does exist already
Copying /usr/libexec/openssh/sftp-server to /srv/gan-w17-disk1/githplus/usr/libexec/openssh/sftp-server
Copying /usr/bin/scp to /srv/gan-w17-disk1/githplus/usr/bin/scp

address@hidden ~]# ll /srv/gan-w17-disk1/githplus/dev/null
crwxrwxrwx 1 root root 1, 3 Feb 13 13:10 /srv/gan-w17-disk1/githplus/dev/null

address@hidden ~]# ssh address@hidden
Password:
Last login: Mon Feb 17 09:32:29 2014 from XXX

address@hidden ~]$ whoami
githplus

address@hidden ~]$ pwd
/home/githplus

address@hidden ~]$ ls -la /dev/null
crwxrwxrwx 1 root root 1, 3 Feb 13 13:10 /dev/null

address@hidden ~]$ ssh -v 127.0.0.1
Couldn't open /dev/null: Permission denied

.................
Any Idea ?
Regards,
Cédric

Le 14/02/2014 09:24, Richard Scott a écrit :
How did you create your Jail?

You should have a /dev/null inside your jail.

I create mine like this:

jk_init -j /myjail terminfo ssh sftp scp

and the "ssh sftp scp" option creates the required devices.

Rich

On 14/02/2014 08:06, OCEANET - Cédric BASSAGET wrote:
Hello Olivier,

I still have the same problem, with :

address@hidden ~]$ ls -la /dev/null
crwxrwxrwx 1 root root 1, 3 Feb 13 13:10 /dev/null
address@hidden ~]$ ssh -v 10.10.10.10
Couldn't open /dev/null: Permission denied

Le 13/02/2014 21:49, Olivier Sessink a écrit :
On 02/13/2014 01:23 PM, OCEANET - Cédric BASSAGET wrote:

But I still have this error :
address@hidden ~]$ ssh -v 10.10.10.10
Couldn't open /dev/null: Permission denied

try

chmod a+rw /path/to/jail/dev/null

Olivier
-- 
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users

From:	OCEANET - Cédric BASSAGET
Subject:	Re: [Jailkit-users] ssh from jailed user
Date:	Mon, 17 Feb 2014 10:15:33 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0