From owner-freebsd-questions Thu Jul 18 20:59:20 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7A38E37B400 for ; Thu, 18 Jul 2002 20:59:15 -0700 (PDT) Received: from a2.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DA5A43E65 for ; Thu, 18 Jul 2002 20:59:14 -0700 (PDT) (envelope-from andrew@scoop.co.nz) Received: from localhost (localhost [127.0.0.1]) by a2.scoop.co.nz (8.12.2/8.12.2) with ESMTP id g6J3ljUb082360; Fri, 19 Jul 2002 15:47:46 +1200 (NZST) (envelope-from andrew@scoop.co.nz) Date: Fri, 19 Jul 2002 15:47:45 +1200 (NZST) From: Andrew McNaughton To: Michael Sharp Cc: freebsd-questions@FreeBSD.ORG Subject: Re: chroot In-Reply-To: <1085.192.168.1.4.1027045379.squirrel@webmail.probsd.ws> Message-ID: <20020719153329.P79114-100000@a2.scoop.co.nz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I haven't looked over what you've done all that thoroughly, but here's some starters: The first thing I would do is to turn up your server log level and have a look at what it says. It's an option in the sshd config file. I take it you didn't install 'su' in your chroot area. 'sh'? You very likely need a log device. start syslog with the appropriate option. Take a look at lsof output for an active sshd process. It shows a number of libraries that you don't seem to have done anything about. eg: /usr/lib/pam_skey.so /usr/lib/libskey.so.2 /usr/lib/libdescrypt.so.2 /usr/lib/libmd.so.2 /usr/lib/pam_unix.so /usr/lib/pam_permit.so Andrew McNaughton On Thu, 18 Jul 2002, Michael Sharp wrote: > Date: Thu, 18 Jul 2002 22:22:59 -0400 (EDT) > From: Michael Sharp > To: freebsd-security@FreeBSD.ORG > Cc: freebsd-questions@FreeBSD.ORG > Subject: chroot > > I installed ( or so I thought ) a chroot env last night and ran into some > difficulties. Could someone very familiar with openssh/chroot glance > over http://probsd.ws/chroot.txt and tell me what I did wrong please? > > chroot.txt is an EXTREMELY detailed example of what I did, and script > output of the ssh connection to the chroot. > > Thx, michael > freebsd@ec.rr.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message