From owner-freebsd-security Tue Nov 6 2:24:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from pkl.net (spoon.pkl.net [212.111.57.14]) by hub.freebsd.org (Postfix) with ESMTP id 5881737B417 for ; Tue, 6 Nov 2001 02:24:45 -0800 (PST) Received: from localhost (rik@localhost) by pkl.net (8.9.3/8.9.3) with ESMTP id KAA00905; Tue, 6 Nov 2001 10:23:26 GMT Date: Tue, 6 Nov 2001 10:23:26 +0000 (GMT) From: rik@rikrose.net X-Sender: rik@pkl.net To: "Alexander S. Volchenkov" Cc: Peter Pentchev , freebsd-security@FreeBSD.ORG Subject: Re: Chrooted SSH2 problem In-Reply-To: <200111060717.fA67HZu81881@ns.uh.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 6 Nov 2001, Alexander S. Volchenkov wrote: > The output of sshd2 -d1: > sshd2[1296]: /etc/spwd.db: No such file or directory > Connection to gate closed. I've not been wathing the whole conversation, but that error I've left above (and consequently the other errors too) look to me like you've chrooted the sshd, rather than letting it chroot a certain group of users. sshd must run as root, in order to switch to the required users, and therefore has the permissions to chroot when required, so if you just leae it with its default setup, and add those 2 lines to the config file that were specified above, then everything ought to be fine. Good luck -- PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org Key fingerprint = 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F Public key also encoded with outguess on http://rikrose.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message