ssh chroot + putty = no such file or directory

Has anyone had the same problem?

I was configuring chroot for sshd (OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t 3 May 2016; Debian Jessie).

As a result, WinSCP logs in successfully, but PuTTY closes with the error: Could not chdir to home directory /home/USER: No such file or directory.

However, I created empty /home/USER directories in the chroot dir.

sshd logs:

Jan  8 15:03:36 NAS sshd[30389]: Connection from 192.168.1.106 port 49939 on 192.168.1.99 port 22 
Jan  8 15:03:38 NAS sshd[30389]: Postponed keyboard-interactive for USER from 192.168.1.106 port 49939 ssh2 [preauth] 
Jan  8 15:03:44 NAS sshd[30389]: Postponed keyboard-interactive/pam for USER from 192.168.1.106 port 49939 ssh2 [preauth] 
Jan  8 15:03:44 NAS sshd[30389]: Accepted keyboard-interactive/pam for USER from 192.168.1.106 port 49939 ssh2 
Jan  8 15:03:44 NAS sshd[30389]: pam_unix(sshd:session): session opened for user USER by (uid=0) 
Jan  8 15:03:44 NAS systemd[1]: Starting user-1000.slice. 
Jan  8 15:03:44 NAS systemd[1]: Created slice user-1000.slice. 
Jan  8 15:03:44 NAS systemd[1]: Starting User Manager for UID 1000... 
Jan  8 15:03:44 NAS systemd-logind[467]: New session c113 of user USER. 
Jan  8 15:03:44 NAS systemd[1]: Starting Session c113 of user USER. 
Jan  8 15:03:44 NAS systemd[1]: Started Session c113 of user USER. 
Jan  8 15:03:44 NAS systemd: pam_unix(systemd-user:session): session opened for user USER by (uid=0) 
Jan  8 15:03:45 NAS systemd[30398]: Starting Paths. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Paths. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Timers. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Timers. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Sockets. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Sockets. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Basic System. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Basic System. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Default. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Default. 
Jan  8 15:03:45 NAS systemd[30398]: Startup finished in 383ms. 
Jan  8 15:03:45 NAS systemd[1]: Started User Manager for UID 1000. 
Jan  8 15:03:45 NAS sshd[30389]: User child is on pid 30407 
Jan  8 15:03:45 NAS sshd[30407]: Changed root directory to "/home/USER" 
Jan  8 15:03:45 NAS sshd[30389]: pam_unix(sshd:session): session closed for user USER 
Jan  8 15:03:45 NAS systemd-logind[467]: Removed session c113. 
Jan  8 15:03:45 NAS systemd[1]: Stopping User Manager for UID 1000... 
Jan  8 15:03:45 NAS systemd[30398]: Stopping Default. 
Jan  8 15:03:45 NAS systemd[30398]: Stopped target Default. 
Jan  8 15:03:45 NAS systemd[30398]: Stopping Basic System. 
Jan  8 15:03:45 NAS systemd[30398]: Stopped target Basic System. 
Jan  8 15:03:45 NAS systemd[30398]: Stopping Paths. 
Jan  8 15:03:45 NAS systemd[30398]: Stopped target Paths. 
Jan  8 15:03:45 NAS systemd[30398]: Stopping Timers. 
Jan  8 15:03:45 NAS systemd[30398]: Stopped target Timers. 
Jan  8 15:03:45 NAS systemd[30398]: Stopping Sockets. 
Jan  8 15:03:45 NAS systemd[30398]: Stopped target Sockets. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Shutdown. 
Jan  8 15:03:45 NAS systemd[30398]: Reached target Shutdown. 
Jan  8 15:03:45 NAS systemd[30398]: Starting Exit the Session... 
Jan  8 15:03:45 NAS systemd[30398]: Received SIGRTMIN+24 from PID 30419 (kill). 
Jan  8 15:03:45 NAS systemd: pam_unix(systemd-user:session): session closed for user USER 
Jan  8 15:03:45 NAS systemd[1]: Stopped User Manager for UID 1000. 
Jan  8 15:03:45 NAS systemd[1]: Stopping user-1000.slice. 
Jan  8 15:03:45 NAS systemd[1]: Removed slice user-1000.slice.

This is how I created the chroot:

mkdir -p /DataVolume/USER/{dev,etc,lib,usr,bin} 
mkdir -p /DataVolume/USER/usr/bin 
mknod -m 666 /DataVolume/USER/dev/null c 1 3 
cd /DataVolume/USER/etc 
cp /etc/ld.so.cache . 
cp /etc/ld.so.conf . 
cp /etc/nsswitch.conf . 
cp /etc/hosts . 
cd /DataVolume/USER/usr/bin 
cp /bin/ls . 
cp /bin/bash . 
cd /sbin 
wget -O l2chroot http://www.cyberciti.biz/files/lighttpd/l2chroot.txt 
chmod +x l2chroot  
chown root: /DataVolume/USER && 
chmod 755 /DataVolume/USER 
mkdir -p /home/USER 
mount -o bind /DataVolume/USER /home/USER

sshd config:

Subsystem sftp internal-sftp -f AUTH -l VERBOSE 
Match user USER 
  ChrootDirectory %h 
  ForceCommand internal-sftp 
  AllowTcpForwarding no 
  PermitTunnel no 
  AllowAgentForwarding no 
  X11Forwarding no

user:

USER:x:1000:1003::/home/USER:/bin/rbash
    
by OddStan 08.01.2018 / 17:41
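
Added example, not part of the original post: sshd_config(5) requires every component of the ChrootDirectory path to be root-owned and not writable by group or others, and after the chroot sshd changes to the user's home directory as resolved inside the new root. The script below checks both for a layout like the one above; the function names and the optional uid/top arguments are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit an sshd ChrootDirectory layout before enabling it.
# Usage (as root): check_chroot /home/USER /home/USER
#   $1 chroot directory   $2 home field from /etc/passwd
#   $3 required owner uid (default 0)   $4 topmost directory to check (default /)
# $3 and $4 are assumptions of this example so it can be exercised without root.

# True if $1 is a real directory owned by uid $2 with no group/other write bit.
safe_dir() {
    [ -n "$(find "$1" -prune -type d -user "$2" \
              ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

check_chroot() {
    root=$1 home=$2 uid=${3:-0} top=${4:-/} rc=0
    # Resolve symlinks first: the checks apply to the physical path.
    root=$(cd "$root" 2>/dev/null && pwd -P) || {
        echo "FAIL: chroot directory not found: $1"; return 1; }
    top=$(cd "$top" 2>/dev/null && pwd -P) || top=/
    p=$root
    # Every component from the chroot directory upwards must be safe.
    while :; do
        safe_dir "$p" "$uid" || {
            echo "FAIL: $p must be owned by uid $uid and not group/world-writable"
            rc=1; }
        [ "$p" = "$top" ] || [ "$p" = / ] && break
        p=$(dirname "$p")
    done
    # After chroot(2), the passwd home path is looked up inside the new root.
    [ -d "$root$home" ] || {
        echo "FAIL: $home does not exist inside $root (expected $root$home)"
        rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: $root"
    return "$rc"
}
```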

0 answers