Hi Daniel, > I might be reading your email wrong. The > /var/chroot/apache/etc/passwd is not what matters. What does > matter is the standard /etc/passwd. > > So, try adding something like this: > > mbellears:x:1001:1001:Chrooted > user:/var/chroot/apache/./home/mbellears:/bin/bash
If I do not have the users entry in the chroot'd /etc/passwd, the user cannot gain access: Oct 22 07:30:24 localhost sshd[2992]: input_userauth_request: illegal user mbellears3 Oct 22 07:30:24 localhost sshd[2992]: Could not reverse map address 192.168.1.11. Oct 22 07:30:24 localhost sshd[2992]: Failed none for illegal user mbellears3 from 192.168.1.11 port 32925 ssh2 Oct 22 07:30:24 localhost sshd[2992]: Failed keyboard-interactive for illegal user mbellears3 from 192.168.1.11 port 32925 ssh2 Oct 22 07:30:27 localhost sshd[2992]: Failed password for illegal user mbellears3 from 192.168.1.11 port 32925 ssh2 Oct 22 07:30:32 localhost last message repeated 2 times Oct 22 07:30:32 localhost sshd[2992]: Connection closed by 192.168.1.11 /etc/passwd does not appear to be even considered during the SSH/SFTP attempts - I have removed the 'mbellears3' entry entirely from that file, and still get the: Oct 22 07:35:07 localhost sshd[3005]: fatal: Couldn't chroot to user directory Error in the auth log...which by the way is an error originating from the patch to session.c: if (chroot(user_dir) != 0) fatal("Couldn't chroot to user directory %s", user_dir); pw->pw_dir = new_root; So the patch appears to have been applied correctly...I must be using it incorrectly ;) Regards, MB > > -- > Danie Roux *shuffle* Adore Unix > > >