alguém teve o mesmo problema?
Eu estava configurando o chroot para o sshd (OpenSSH_6.7p1 Debian-5 + deb8u3, OpenSSL 1.0.1t 3 de maio de 2016; Debian Jessie)
Como resultado WinScp faz o login com sucesso, e o putty fecha com o erro: não poderia chdir para o diretório home / home / USER nenhum arquivo ou diretório.
No entanto, criei diretórios emty / home / USER em chroot dir.
logs sshd:
Jan 8 15:03:36 NAS sshd[30389]: Connection from 192.168.1.106 port 49939 on 192.168.1.99 port 22
Jan 8 15:03:38 NAS sshd[30389]: Postponed keyboard-interactive for USER from 192.168.1.106 port 49939 ssh2 [preauth]
Jan 8 15:03:44 NAS sshd[30389]: Postponed keyboard-interactive/pam for USER from 192.168.1.106 port 49939 ssh2 [preauth]
Jan 8 15:03:44 NAS sshd[30389]: Accepted keyboard-interactive/pam for USER from 192.168.1.106 port 49939 ssh2
Jan 8 15:03:44 NAS sshd[30389]: pam_unix(sshd:session): session opened for user USER by (uid=0)
Jan 8 15:03:44 NAS systemd[1]: Starting user-1000.slice.
Jan 8 15:03:44 NAS systemd[1]: Created slice user-1000.slice.
Jan 8 15:03:44 NAS systemd[1]: Starting User Manager for UID 1000...
Jan 8 15:03:44 NAS systemd-logind[467]: New session c113 of user USER.
Jan 8 15:03:44 NAS systemd[1]: Starting Session c113 of user USER.
Jan 8 15:03:44 NAS systemd[1]: Started Session c113 of user USER.
Jan 8 15:03:44 NAS systemd: pam_unix(systemd-user:session): session opened for user USER by (uid=0)
Jan 8 15:03:45 NAS systemd[30398]: Starting Paths.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Paths.
Jan 8 15:03:45 NAS systemd[30398]: Starting Timers.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Timers.
Jan 8 15:03:45 NAS systemd[30398]: Starting Sockets.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Sockets.
Jan 8 15:03:45 NAS systemd[30398]: Starting Basic System.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Basic System.
Jan 8 15:03:45 NAS systemd[30398]: Starting Default.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Default.
Jan 8 15:03:45 NAS systemd[30398]: Startup finished in 383ms.
Jan 8 15:03:45 NAS systemd[1]: Started User Manager for UID 1000.
Jan 8 15:03:45 NAS sshd[30389]: User child is on pid 30407
Jan 8 15:03:45 NAS sshd[30407]: Changed root directory to "/home/USER"
Jan 8 15:03:45 NAS sshd[30389]: pam_unix(sshd:session): session closed for user USER
Jan 8 15:03:45 NAS systemd-logind[467]: Removed session c113.
Jan 8 15:03:45 NAS systemd[1]: Stopping User Manager for UID 1000...
Jan 8 15:03:45 NAS systemd[30398]: Stopping Default.
Jan 8 15:03:45 NAS systemd[30398]: Stopped target Default.
Jan 8 15:03:45 NAS systemd[30398]: Stopping Basic System.
Jan 8 15:03:45 NAS systemd[30398]: Stopped target Basic System.
Jan 8 15:03:45 NAS systemd[30398]: Stopping Paths.
Jan 8 15:03:45 NAS systemd[30398]: Stopped target Paths.
Jan 8 15:03:45 NAS systemd[30398]: Stopping Timers.
Jan 8 15:03:45 NAS systemd[30398]: Stopped target Timers.
Jan 8 15:03:45 NAS systemd[30398]: Stopping Sockets.
Jan 8 15:03:45 NAS systemd[30398]: Stopped target Sockets.
Jan 8 15:03:45 NAS systemd[30398]: Starting Shutdown.
Jan 8 15:03:45 NAS systemd[30398]: Reached target Shutdown.
Jan 8 15:03:45 NAS systemd[30398]: Starting Exit the Session...
Jan 8 15:03:45 NAS systemd[30398]: Received SIGRTMIN+24 from PID 30419 (kill).
Jan 8 15:03:45 NAS systemd: pam_unix(systemd-user:session): session closed for user USER
Jan 8 15:03:45 NAS systemd[1]: Stopped User Manager for UID 1000.
Jan 8 15:03:45 NAS systemd[1]: Stopping user-1000.slice.
Jan 8 15:03:45 NAS systemd[1]: Removed slice user-1000.slice.
Foi assim que criei o chroot:
mkdir -p /DataVolume/USER/{dev,etc,lib,usr,bin}
mkdir -p /DataVolume/USER/usr/bin
mknod -m 666 /DataVolume/USER/dev/null c 1 3
cd /DataVolume/USER/etc
cp /etc/ld.so.cache .
cp /etc/ld.so.conf .
cp /etc/nsswitch.conf .
cp /etc/hosts .
cd /DataVolume/USER/usr/bin
cp /bin/ls .
cp /bin/bash .
cd /sbin
wget -O l2chroot http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
chmod +x l2chroot
chown root: /DataVolume/USER &&
chmod 755 /DataVolume/USER
mkdir -p /home/USER
mount -o bind /DataVolume/USER /home/USER
config sshd:
Subsystem sftp internal-sftp -f AUTH -l VERBOSE
Match user USER
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
PermitTunnel no
AllowAgentForwarding no
X11Forwarding no
usuário:
USER:x:1000:1003::/home/USER:/bin/rbash