Date: Mon, 05 Nov 2001 19:48:22 +0300
From: "Magdalinin Kirill" <bsdforumen@hotmail.com>
To: volax@uh.ru
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Chrooted SSH2 problem
Message-ID: <F149ixaLIqdqo0czTxs00024e9b@hotmail.com>
>gate# ssh2 -l dummy localhost
>dummy@localhost's password:
>Authentication successful.
>Connection to localhost closed.
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
At this point sshd has already chrooted the user
and tries to run /bin/sh, which does not exist, because
there is no sh in /home/chrooted/dummy/bin/ (after the
chroot, /home/chrooted/dummy/bin/ is not a link to the system
/bin, it is just an empty /bin).
If you want to allow a couple of users at your box, then
placing sh (which is statically linked) in
/home/chrooted/dummy/bin/ should do the trick. If there
must be many users, then consider making bin, usr and
even var directories under /home/chrooted, and chroot
all users to /home/chrooted. All binaries in bin, usr must
be statically linked or you will have to place all necessary
libraries over there, which is a security risk(?).
I don't remember exactly why, but instead of chrooting users
by sshd I use the following would-be-shell to chroot users;
that shell is set as the user's default shell and is called by sshd
at login time:
#define _GNU_SOURCE          /* asprintf() on glibc; harmless on FreeBSD */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main(int argc, char *argv[]) {
    char *dir;
    const char *user = getenv("LOGNAME");

    if (user == NULL)
        return 1;
    /* chroot() needs root; if it fails, do not fall through to an unconfined shell */
    if (chroot("/home") != 0 || chdir("/") != 0) {
        perror("chroot");
        return 1;
    }
    /* drop whatever privilege the wrapper was started with (e.g. set-uid root) */
    if (setgid(getgid()) != 0 || setuid(getuid()) != 0) {
        perror("setuid");
        return 1;
    }
    /* the path is resolved relative to the new root */
    if (asprintf(&dir, "/home/home/%s", user) < 0 || chdir(dir) != 0) {
        perror("chdir");
        return 1;
    }
    free(dir);
    /* hand sshd's "-c command" straight to bash; system() would re-parse it
       through /bin/sh, which does not exist inside this chroot */
    if (argc > 2)
        execl("/usr/local/bin/bash", "bash", argv[1], argv[2], (char *)NULL);
    else
        execl("/usr/local/bin/bash", "bash", (char *)NULL);
    perror("execl");
    return 1;
}
Hope this helps,
Kirill Magdalinin
bsdforumen@hotmail.com
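The "Connection closed" in the original report comes from the login shell being absent inside the jail. The following POSIX sh script is an added example, not part of this thread or of the ssh2 distribution: it checks, before ChRootGroups is switched on, that the user's shell exists inside the chroot directory and that every shared library it needs (none, if it is statically linked) is present there too. It assumes the layout from the thread (/home/chrooted/dummy with a bin subdirectory) and uses ldd, when available, to list library dependencies; the library check is skipped if ldd is missing.

```shell
#!/bin/sh
# Added example (not from the original thread): sanity-check a chroot
# directory before pointing sshd's ChRootGroups at it, so the login does
# not die with "Connection closed" because the shell is missing inside.

# check_jail_shell JAIL SHELL: 0 if SHELL (as seen from inside JAIL)
# exists and is executable, 1 otherwise
check_jail_shell() {
    jail=$1; shell=$2
    if [ ! -x "$jail$shell" ]; then
        echo "missing inside jail: $jail$shell" >&2
        return 1
    fi
    return 0
}

# shared_libs BIN: print the shared libraries BIN needs, one per line
# (nothing for a statically linked binary, or if ldd is unavailable)
shared_libs() {
    command -v ldd >/dev/null 2>&1 || return 0
    ldd "$1" 2>/dev/null | awk '
        /=>/ && $3 ~ /^\//        { print $3 }   # libc.so.7 => /lib/libc.so.7
        $1 ~ /^\// && !/=>/       { print $1 }   # /libexec/ld-elf.so.1
    '
}

# missing_libs JAIL BIN: print every library BIN needs that is absent
# from JAIL (paths are checked relative to the jail root)
missing_libs() {
    jail=$1; bin=$2
    for lib in $(shared_libs "$bin"); do
        [ -e "$jail$lib" ] || echo "$lib"
    done
}

# jail_ready JAIL SHELL: 0 when the shell exists in the jail and all of
# its libraries (if any) are there as well, 1 otherwise
jail_ready() {
    check_jail_shell "$1" "$2" || return 1
    miss=$(missing_libs "$1" "$1$2")
    if [ -n "$miss" ]; then
        echo "libraries missing from jail $1:" $miss >&2
        return 1
    fi
    return 0
}

# usage: jail_ready /home/chrooted/dummy /bin/sh
if [ $# -eq 2 ]; then
    jail_ready "$1" "$2"
fi
```

Run it once per jail root (or once for a shared /home/chrooted) for each shell listed in /etc/passwd for the chrooted users; a non-zero exit means the login will fail exactly as in the report above, and the lines on stderr say which file to copy in. A statically linked sh produces no library list, which is why it is the simplest thing to drop into bin/.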
>From: "Alexander S. Volchenkov" <volax@uh.ru>
>Reply-To: volax@uh.ru
>To: freebsd-security@FreeBSD.ORG
>Subject: Chrooted SSH2 problem
>Date: Mon, 5 Nov 2001 18:51:52 +0300
>
>Hi All!
>
>I've just installed ssh2 and am trying to implement its chroot feature.
>I have a problem with user login.
>
>User "dummy" is in the "chrooted" group. His home directory :
>/home/chrooted/dummy contains bin subdirectory with a mirror of /bin.
>User's shell is /bin/sh. Command: chroot /home/chrooted/dummy works fine.
>
>From /etc/sshd2_conf:
>-------------------------------------------
>AllowGroups chrooted
>ChRootGroups chrooted
>-------------------------------------------
>
>Client session:
>-------------------------------------------
>gate# ssh2 -l dummy localhost
>dummy@localhost's password:
>Authentication successful.
>Connection to localhost closed.
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>-------------------------------------------
>
>tail /var/log/messages:
>-------------------------------------------
>sshd[16513]: User dummy's local password accepted.
>sshd[16513]: Password authentication for user dummy accepted.
>sshd[16513]: User dummy, coming from localhost.sbm, authenticated.
>-------------------------------------------
>
>What do I need to do to fix it?
>
>Thanks,
>Alexander S. Volchenkov (mailto:volax@uh.ru)
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F149ixaLIqdqo0czTxs00024e9b>
