[Lug-bg] Help debugging chroot with OpenSSH.
- Subject: [Lug-bg] Help debugging chroot with OpenSSH.
- From: Kristian Kirilov <d3v1ous@xxxxxxxxxxxx>
- Date: Thu, 02 Jul 2009 15:36:42 +0300
Hello,
a while ago I wrote here, and the time has come to test a few things. I am
following this tutorial
http://d3v1ous.d3v1ous.info/Helpfull%20Documents%20EN/chroot-openssh-easyest-way,
I have no problem with SFTP, I am chrooted in the homedir, but with an ssh login
things are not quite like that, i.e. I end up in something like /dev/null :))).
Roughly, things are as follows:
/etc/ssh/sshd_config
Subsystem sftp internal-sftp
Match Group sftp
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
This is at the end of the file. The user d3v1ous, in turn, is in the
sftp group:
root@217-18-252-139:~# id d3v1ous
uid=1000(d3v1ous) gid=1000(d3v1ous) groups=1000(d3v1ous),1001(sftp)
root@217-18-252-139:~#
In /etc/passwd things look like this:
root@217-18-252-139:~# grep d3v1ous /etc/passwd
d3v1ous:x:1000:1000:,,,:/home/jail/home/d3v1ous:/bin/bash
root@217-18-252-139:~#
In /home/jail the directory structure is built according to the tutorial mentioned above.
On login things look like this:
root@217-18-252-139:~# ssh d3v1ous@localhost
d3v1ous@localhost's password:
ls
ps x
Connection to localhost closed.
root@217-18-252-139:~#
In /var/log/auth.log:
root@217-18-252-139:~# tail /var/log/auth.log
Jul 2 15:29:26 217-18-252-139 sshd[6145]: Accepted password for d3v1ous from 127.0.0.1 port 47889 ssh2
Jul 2 15:29:26 217-18-252-139 sshd[6145]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul 2 15:29:28 217-18-252-139 sshd[6145]: pam_unix(sshd:session): session closed for user d3v1ous
Jul 2 15:34:53 217-18-252-139 sshd[6156]: Accepted password for d3v1ous from 127.0.0.1 port 45580 ssh2
Jul 2 15:34:53 217-18-252-139 sshd[6156]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul 2 15:35:00 217-18-252-139 sshd[6156]: pam_unix(sshd:session): session closed for user d3v1ous
Jul 2 15:35:05 217-18-252-139 sshd[6163]: Accepted password for d3v1ous from 127.0.0.1 port 45581 ssh2
Jul 2 15:35:05 217-18-252-139 sshd[6163]: pam_unix(sshd:session): session opened for user d3v1ous by (uid=0)
Jul 2 15:35:11 217-18-252-139 sshd[6163]: pam_unix(sshd:session): session closed for user d3v1ous
root@217-18-252-139:~#
With a debug login there is nothing wrong.
d3v1ous@localhost's password:
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@xxxxxxxxxxx
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
ls
ls -ladebug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@xxxxxxxxxxx reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to localhost closed.
Transferred: sent 2016, received 2296 bytes, in 7.0 seconds
Bytes per second: sent 287.1, received 327.0
debug1: Exit status 11
root@217-18-252-139:~#
If you have any suggestions :))
Regards
K. Kirilov
_______________________________________________
Lug-bg mailing list
Lug-bg@xxxxxxxxxxxxxxxxxx
http://linux-bulgaria.org/mailman/listinfo/lug-bg
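
The following added example, which is not part of the original post or of the linked tutorial, resolves which sshd_config keywords apply to the user shown in the message and what an interactive ssh login then runs. It uses the config, passwd line and group list quoted in the message; the function names and the restriction to `Match Group` criteria are assumptions of the example.

```python
# Added example: which sshd_config keywords apply to one user, and what an
# interactive ssh session then runs. Assumption: only "Match Group" is
# understood; any other Match criterion is treated as not matching.
SSHD_CONFIG = """\
Subsystem sftp internal-sftp
Match Group sftp
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
"""
PASSWD_LINE = "d3v1ous:x:1000:1000:,,,:/home/jail/home/d3v1ous:/bin/bash"
GROUPS = {"d3v1ous", "sftp"}  # from the `id d3v1ous` output in the post


def effective_settings(config_text, groups):
    """Return the keywords sshd would apply to a user who is in `groups`."""
    global_opts, match_opts = {}, {}
    target = global_opts
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, value = (line.split(None, 1) + [""])[:2]
        keyword = keyword.lower()
        if keyword == "match":
            crit, arg = (value.split(None, 1) + [""])[:2]
            wanted = {g.strip() for g in arg.split(",")}
            hit = crit.lower() == "group" and bool(wanted & groups)
            target = match_opts if hit else None  # None: skip this block
        elif target is not None:
            target.setdefault(keyword, value)  # first obtained value wins
    return {**global_opts, **match_opts}  # Match blocks override global


def diagnose(config_text, passwd_line, groups):
    """Describe what `ssh user@host` gets: chroot root and command run."""
    user, home, shell = (passwd_line.split(":")[i] for i in (0, 5, 6))
    opts = effective_settings(config_text, groups)
    chroot = opts.get("chrootdirectory", "none")
    forced = opts.get("forcecommand")
    return {
        "chroot": chroot.replace("%h", home).replace("%u", user),
        "runs": forced if forced else shell,
        "shell_reachable": forced is None,
    }


if __name__ == "__main__":
    print(diagnose(SSHD_CONFIG, PASSWD_LINE, GROUPS))
```

For the quoted configuration the result shows that `%h` makes the chroot root the user's home directory itself, and that `ForceCommand internal-sftp` replaces the login shell for every session of a member of group sftp, including a plain `ssh` login.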