Re: how to chroot to /home/ an ssh acct

To: Chris Wagner <wagnerc@plebeian.com>
Cc: debian-isp@lists.debian.org
Subject: Re: how to chroot to /home/ an ssh acct
From: Aaron Dewell <acd@woods.net>
Date: Sun, 19 Mar 2000 23:42:28 -0900 (AKST)
Message-id: <Pine.GSO.4.10.10003192338170.10352-100000@elm.woods.net>
In-reply-to: <20000320043202Z19766-5225+1161@mail2.one.net>

symlinks that go up past the chrooted directory don't work.  I.e. you are
creating a reference to /etc/passwd within the chrooted environment, and
have just created a circular symlink.

Best way is to create a "dummy" password file for the chroot jail with
just the information they need, e.g:

someuser:x:202:202::/someuser:
someotheruser:x:203:203::/someotheruser:

(remember, the directory is relative to the chroot'd directory).  They
have no need for the full name, nor really the group, and certainly not
the shell or password.  Just the username, uid, and directory; and only
the dir if you want them to be able to cd ~someuser.

On Sun, 19 Mar 2000, Chris Wagner wrote:
> At 07:28 PM 3/19/00 -0800, t s a d i wrote:
> >only sees numeric user ids and gids and not the corresponding name.  is
> >this because /etc/passwd,group was not found (bec of chrooted ftp to
> 
> Yep.  For him, /etc does not exist.  Stick some symlinks of any critical
> files he would need in /home.  /home/etc/passwd =-> /etc/paswwd etc...

Reply to:

References:
- Re: how to chroot to /home/ an ssh acct
  - From: wagnerc@plebeian.com (Chris Wagner)

Prev by Date: Re: how to chroot to /home/ an ssh acct
Next by Date: Re: minicom - no termcap entry for unknown??
Previous by thread: Re: how to chroot to /home/ an ssh acct
Next by thread: [no subject]
Index(es):
- Date
- Thread