how to chroot to /home/ an ssh acct
hello all, i need to give someone shell access to my server (ssh) but i dont want him to go higher than /home/ ... any idea on how that can be done ? also, i chrooted his ftp acct to /home/ but, when he ls -al, he only sees numeric user ids and gids and not the corresponding name. is this because /etc/passwd,group was not found (bec of chrooted ftp to /home?) ? ... anyone knows of any workaround to this ? thanks in advance ... chad adlawan __ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Re: how to chroot to /home/ an ssh acct
At 07:28 PM 3/19/00 -0800, t s a d i wrote: only sees numeric user ids and gids and not the corresponding name. is this because /etc/passwd,group was not found (bec of chrooted ftp to Yep. For him, /etc does not exist. Stick some symlinks of any critical files he would need in /home. /home/etc/passwd =- /etc/paswwd etc... +---+ |-=I T ' S P R I N C I P L E T H A T C O U N T S=- | |=- -=ALAN KEYES FOR PRESIDENT=- -=| | Balanced Budgets Personal Freedoms Morality Lower Tax | |=-- http://www.Keyes2000.com. --=| ++
Re: how to chroot to /home/ an ssh acct
symlinks that go up past the chrooted directory don't work. I.e. you are creating a reference to /etc/passwd within the chrooted environment, and have just created a circular symlink. Best way is to create a dummy password file for the chroot jail with just the information they need, e.g: someuser:x:202:202::/someuser: someotheruser:x:203:203::/someotheruser: (remember, the directory is relative to the chroot'd directory). They have no need for the full name, nor really the group, and certainly not the shell or password. Just the username, uid, and directory; and only the dir if you want them to be able to cd ~someuser. On Sun, 19 Mar 2000, Chris Wagner wrote: At 07:28 PM 3/19/00 -0800, t s a d i wrote: only sees numeric user ids and gids and not the corresponding name. is this because /etc/passwd,group was not found (bec of chrooted ftp to Yep. For him, /etc does not exist. Stick some symlinks of any critical files he would need in /home. /home/etc/passwd =- /etc/paswwd etc...