Re: [off-topic?] Chrooting ssh/telnet users?

To: debian-security@lists.debian.org
Subject: Re: [off-topic?] Chrooting ssh/telnet users?
From: Christian Kurz <shorty@debian.org>
Date: Mon, 29 Oct 2001 13:51:48 +0100
Message-id: <20011029135148.A699@salem.getuid.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20011029092054.A11752@easter-eggs.com>
References: <D10B3BC6A35AD3119F3E00508B4411A207763F54@wncorpex2.nzpost.co.nz> <20011029092054.A11752@easter-eggs.com>

On 29/10/01, Emmanuel Lacour wrote:
> On Mon, Oct 29, 2001 at 09:48:00AM +1300, Stephen Andrew wrote:
> What about a package ssh-chroot in debian? I think the pam module is
> more interesting as it can be aplied to other thinks, but I tried it and
> was unable to make it working (I'm not a pam master!!).

What do you exactly mean "unable to make it working"? Did you change
/etc/pam.d/ssh(d?) to contain a line like this:

|session required /lib/security/pam_chroot.so debug onerr=fail

If yes, did you check logfiles for any hints? If yes, what kind of error
message did you get? Does ssh -v show any helpful info? I haven't used
that pam-module so far, but I don't think that it will be so difficult
to get it working.

Christian
-- 
           Debian Developer (http://www.debian.org)
1024/26CC7853 31E6 A8CA 68FC 284F 7D16  63EC A9E6 67FF 26CC 7853

Attachment: pgpgxhnBWblBC.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: [off-topic?] Chrooting ssh/telnet users?
  - From: Emmanuel Lacour <elacour@easter-eggs.com>

References:
- RE: [off-topic?] Chrooting ssh/telnet users?
  - From: Stephen Andrew <Andrew.Stephen@nzpost.co.nz>
- Re: [off-topic?] Chrooting ssh/telnet users?
  - From: Emmanuel Lacour <elacour@easter-eggs.com>

Prev by Date: AIDE database corrupt
Next by Date: Re: [off-topic?] Chrooting ssh/telnet users?
Previous by thread: Re: [off-topic?] Chrooting ssh/telnet users?
Next by thread: Re: [off-topic?] Chrooting ssh/telnet users?
Index(es):
- Date
- Thread