
chrooted-ssh - problems verifying users



Hi,

My problem is with setting up ssh in a chrooted environment:

The box in question is running Debian 2.4 "unstable" (2.4.18-bf2.4)
with the following relevant packages installed:

ii  makejail       0.0.5-4        Automatically create chroot jails for progra
ii  fileutils      5.0.91-2       The GNU file management utilities (transitio
as well as

ssh_3.4p1-1.woody.3+chroot3.5p1_i386.deb
(http://debian.home-dn.net/woody/ssh) as per the instructions on
http://www.debian.org/doc/manuals/securing-debian-howto/ap-chroot-ssh-env.en.html

Installation, i.e. makejail /usr/share/doc/makejail/examples/sshd.py,
runs OK and the daemon gets started.


The problem:

Can't log in via ssh - neither as a user that is in the
chrooted-environment nor as a user in a non-chrooted environment.

/var/chroot/sshd gets set up with e.g. /var/chroot/sshd/etc/passwd
containing only an entry for "sshd". So I've modified passwd,
shadow and group in the chrooted dir by entering copies of the respective
entries from the main password file, but that didn't change anything.

I've included both the debug output of the ssh session on the
client side and the debug output from the sshd on the server
side.

What I've been trying in this context is to log into the box as user
"evil" which has the following passwd-entry:

evil:x:1002:1002:The Evil,,,:/home/evil/./:/bin/bash


Thanks much in advance for any clue,
-ewald

------------------------------ < Cut here > -----------------------------

Debug-output of ssh on client-side:

$ ssh vmware -v -l evil
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to vmware [143.245.2.244] port 22.
debug1: Connection established.
debug1: identity file /home/ej/.ssh/identity type -1
debug1: identity file /home/ej/.ssh/id_rsa type -1
debug1: identity file /home/ej/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3+chroot3.5p1
debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3+chroot3.5p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 136/256
debug1: bits set: 1619/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'vmware' is known and matches the RSA host key.
debug1: Found key in /home/ej/.ssh/known_hosts:29
debug1: bits set: 1620/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/ej/.ssh/identity
debug1: try privkey: /home/ej/.ssh/id_rsa
debug1: try privkey: /home/ej/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
evil@vmware's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
evil@vmware's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
evil@vmware's password:
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x80675a0(0x0)
$

------------------------------ < Cut here > ------------------------------

Debug-output of sshd on server-side:

debug1: sshd version OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3+chroot3.5p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 143.245.83.20 port 32824
debug1: Client protocol version 2.0; client software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3+chroot3.5p1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 133/256
debug1: bits set: 1620/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1619/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user evil service ssh-connection method none
debug1: attempt 0 failures 0
input_userauth_request: illegal user evil
debug1: Starting up PAM with username "NOUSER"
Could not reverse map address 143.245.83.20.
debug1: PAM setting rhost to "143.245.83.20"
Failed none for illegal user evil from 143.245.83.20 port 32824 ssh2
debug1: userauth-request for user evil service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=evil devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for illegal user evil from 143.245.83.20 port 32824 ssh2
debug1: userauth-request for user evil service ssh-connection method password
debug1: attempt 2 failures 2
Failed password for illegal user evil from 143.245.83.20 port 32824 ssh2
debug1: userauth-request for user evil service ssh-connection method password
debug1: attempt 3 failures 3
Failed password for illegal user evil from 143.245.83.20 port 32824 ssh2
debug1: userauth-request for user evil service ssh-connection method password
debug1: attempt 4 failures 4
Failed password for illegal user evil from 143.245.83.20 port 32824 ssh2
Connection closed by 143.245.83.20
debug1: Calling cleanup 0x806bedc(0x0)
debug1: Calling cleanup 0x8052b48(0x0)
debug1: Calling cleanup 0x806bedc(0x0)
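The server-side log above reports "input_userauth_request: illegal user evil", which is what OpenSSH 3.x prints when the getpwnam() lookup for the requested account returns nothing. With sshd itself chrooted into /var/chroot/sshd, that lookup can only be answered by files inside the jail: the jail's own /etc/passwd and /etc/shadow, an /etc/nsswitch.conf telling glibc to use them, and the NSS module (libnss_files.so) that implements the "files" source. The checker below is an added example written for this page; it is not part of makejail, the chroot-ssh package or the original post. The function name and the set of paths it inspects are assumptions about a typical Debian jail layout.

```shell
#!/bin/sh
# check_jail_user JAIL USER
# Verify that an sshd chrooted into JAIL can resolve USER. Each missing
# piece is reported on stdout; the return code is 0 only when all are present.
# Hypothetical helper written for this page, not shipped by makejail or the
# chroot-ssh package.
check_jail_user() {
    jail=$1
    user=$2
    rc=0

    # 1. The jail's own /etc/passwd must carry the account (the host copy
    #    is invisible once sshd has chroot()ed).
    if ! grep -q "^${user}:" "$jail/etc/passwd" 2>/dev/null; then
        echo "missing: $jail/etc/passwd has no entry for $user"
        rc=1
    fi

    # 2. Password authentication reads the hash from the jail's /etc/shadow.
    if ! grep -q "^${user}:" "$jail/etc/shadow" 2>/dev/null; then
        echo "missing: $jail/etc/shadow has no entry for $user"
        rc=1
    fi

    # 3. glibc consults nsswitch.conf to decide which NSS source answers
    #    getpwnam(); without it inside the jail, lookups fail.
    if [ ! -f "$jail/etc/nsswitch.conf" ]; then
        echo "missing: $jail/etc/nsswitch.conf"
        rc=1
    fi

    # 4. The "files" NSS backend is a shared object loaded at runtime, so it
    #    must be copied into the jail alongside the other libraries.
    if ! find "$jail/lib" "$jail/usr/lib" -name 'libnss_files.so*' 2>/dev/null \
            | grep -q .; then
        echo "missing: libnss_files.so* under $jail/lib or $jail/usr/lib"
        rc=1
    fi

    return $rc
}

# Stand-alone use: check_jail_user /var/chroot/sshd evil
if [ "$#" -eq 2 ]; then
    check_jail_user "$1" "$2"
fi
```

Run it against the jail from the post (check_jail_user /var/chroot/sshd evil); a return code of 1 with the printed list shows which prerequisite for the getpwnam() call is absent, and a return code of 0 means the "illegal user" message has a cause other than user resolution inside the jail.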


