chrooted ssh user and /dev/tty permission denied
krad
kraduk at gmail.com
Thu Jan 20 09:45:05 UTC 2011
On 20 January 2011 09:06, Ibrahim Harrani <ibrahim.harrani at gmail.com> wrote:
> Hi,
>
> I have a problem with making remote ssh connection in chroot env.
>
> I configured chroot in sshd_config on FreeBSD 8.1 like following.
>
> Match user myuser
> ChrootDirectory /opt/root/myuser
> X11Forwarding no
> AllowTcpForwarding no
> RSAAuthentication yes
> PubkeyAuthentication yes
>
> and configured fstab like following.
>
> devfs /opt/root/myuser/dev devfs rw 0 0
>
> and rc.conf
> devfs_set_rulesets="/opt/root/myuser/dev=devfsrules_jail
>
> I copied all binaries and libs (such as ssh,ls,pwd,ftp,scp) also.
>
> I can make ssh connection with this user to chroot enviorment successfully.
> When I tried to make a ssh/scp/sftp connection to remote box in chroot. I got
>
> "cannot open /dev/tty: permission denied" message.
>
> The permission of /dev/tty is following on chroot's /dev directory
>
> crw--w---- 1 root tty 0, 88 Jan 20 11:02 /dev/tty
>
> I tired to change permission as root from out of the chroot by chmod,
> the permission never change.
>
> What should I do to make a remo ssh conn inside of the chroot env?
>
> Thanks.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
Just of a matter of interest, why are you using ssh chroot rather than
a full jail? You might have more success with a real jail. If there
are ip limitations bind it to a loopback address then forward on the
ssh connections from a non standard port on the public interface eg
port 2222
More information about the freebsd-questions
mailing list