Hello.
I've tried to follow the sftp + chroot_safe tutorial <http://crux.nu/Main/ChrootSFTP> on the crux page but I can't get it to work.
I can sftp/ssh to my machine as my usual user so I think the basic ssh/sftp setup is ok.
I've followed the tutorial in minute detail but when I attempt to sftp as the sftp-user the connection is cut immediately without error messages.
I've added my usual user to the /etc/sudoers exactly like the sftp usr and when I run sudo /usr/lib/ssh/sftp-server-chroot I get this output:
Couldn't open /dev/null: No such file or directory
If I do a strace /usr/lib/ssh/sftp-server I can see that the sftp-server prg performs an open(/dev/null) but when I have chrooted to the sftp usr home dir the /dev/null is not there, of course.
Does anyone of you have any idea of what I'm doing wrong or how I can get this to work?
Thanks, Martin

If I do a su <sftp user> I get this error:
Cannot execute /usr/lib/ssh/sftp-server-chroot: Exec format error
I'm not sure what privileges should be set on the chroot script, at the moment it is like this:
# ls -l /usr/lib/ssh/
-rwxrwxrwx 1 root root 216 Dec 3 20:31 sftp-server-chroot
Regards, Martin
On 12/3/06, Martin Nordin <martin.nordin@gmail.com> wrote:
> Hello.
> I've tried to follow the sftp + chroot_safe tutorial <http://crux.nu/Main/ChrootSFTP> on the crux page but I can't get it to work.
> I can sftp/ssh to my machine as my usual user so I think the basic ssh/sftp setup is ok.
> I've followed the tutorial in minute detail but when I attempt to sftp as the sftp-user the connection is cut immediately without error messages.
> I've added my usual user to the /etc/sudoers exactly like the sftp usr and when I run sudo /usr/lib/ssh/sftp-server-chroot I get this output:
> Couldn't open /dev/null: No such file or directory
> If I do a strace /usr/lib/ssh/sftp-server I can see that the sftp-server prg performs an open(/dev/null) but when I have chrooted to the sftp usr home dir the /dev/null is not there, of course.
> Does anyone of you have any idea of what I'm doing wrong or how I can get this to work?
> Thanks, Martin

Hi,
You need to create the /dev/null device in each user's home directory... e.g.:
mknod /dev/null c 2 2
The sftp server requires access to /dev/null starting in more recent releases, and the chroot_safe script does not provide it that access.
Hope this helps!
-Adam
On 12/3/06, Martin Nordin <martin.nordin@gmail.com> wrote:
> If I do a su <sftp user> I get this error:
> Cannot execute /usr/lib/ssh/sftp-server-chroot: Exec format error
> I'm not sure what privileges should be set on the chroot script, at the moment it is like this:
> # ls -l /usr/lib/ssh/
> -rwxrwxrwx 1 root root 216 Dec 3 20:31 sftp-server-chroot
> Regards, Martin
> On 12/3/06, Martin Nordin <martin.nordin@gmail.com> wrote:
> > Hello.
> > I've tried to follow the sftp + chroot_safe tutorial on the crux page but I can't get it to work.
> > I can sftp/ssh to my machine as my usual user so I think the basic ssh/sftp setup is ok.
> > I've followed the tutorial in minute detail but when I attempt to sftp as the sftp-user the connection is cut immediately without error messages.
> > I've added my usual user to the /etc/sudoers exactly like the sftp usr and when I run sudo /usr/lib/ssh/sftp-server-chroot I get this output:
> > Couldn't open /dev/null: No such file or directory
> > If I do a strace /usr/lib/ssh/sftp-server I can see that the sftp-server prg performs an open(/dev/null) but when I have chrooted to the sftp usr home dir the /dev/null is not there, of course.
> > Does anyone of you have any idea of what I'm doing wrong or how I can get this to work?
> > Thanks, Martin

On 12/3/06, Adam Ronthal <aronthal@fugue.net> wrote:
> Hi,
> You need to create the /dev/null device in each user's home directory... e.g.:
> mknod /dev/null c 2 2
> The sftp server requires access to /dev/null starting in more recent releases, and the chroot_safe script does not provide it that access.
> Hope this helps!
> -Adam
Thanks Adam, now it works beautifully.
I did have to add #!/bin/sh to the top of sftp-server-chroot script in order for it to work. This may have been implicitly obvious to all previous readers of the how-to, however I thought it would execute by some magic thingie behind the scenes, or maybe I just didn't think.
Maybe someone with an account on crux.nu could update the script with #!/bin/sh and add a note about the /dev/null creation for the benefit of future dummies like myself.
Best Regards, Martin

Hi Martin
> Maybe someone with an account on crux.nu could update the script with #!/bin/sh and add a note about the /dev/null creation for the benefit of future dummies like myself.
Done! But, if you want to write down your own experiences, please check the password-free public wiki at: http://crux.nu/Public/
Falk
--
[root@Linux] chown linux.users /world
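
A pre-flight check for the setup discussed in this thread, as an added example that is not part of any message or of the crux.nu tutorial. It covers the wrapper's #! line, the wrapper's permissions (the listing in the thread shows it world-writable, and it is run through sudo), and the /dev/null node inside the chroot. The function names are hypothetical and stat -c assumes GNU coreutils.

```sh
#!/bin/sh
# Added example (not from the thread): pre-flight checks for a chrooted sftp account.
# Assumption: stat supports -c (GNU coreutils). Function names are hypothetical.

# The wrapper needs a "#!" line, otherwise exec fails with "Exec format error".
# It is run through sudo, so it must not be writable by group or others.
check_wrapper() {
    wrapper=$1
    rc=0
    [ -f "$wrapper" ] || { echo "FAIL: $wrapper not found"; return 1; }
    first=
    IFS= read -r first < "$wrapper" || true   # empty file leaves $first empty
    case $first in
        '#!'*) ;;
        *) echo "FAIL: $wrapper has no #! interpreter line"; rc=1 ;;
    esac
    # find prints the path only when a group- or world-write bit is set
    if [ -n "$(find "$wrapper" -prune \( -perm -020 -o -perm -002 \))" ]; then
        echo "FAIL: $wrapper is group- or world-writable (chmod 755)"
        rc=1
    fi
    return $rc
}

# sftp-server opens /dev/null, so the chroot needs its own device node.
# Compare against the host's node instead of hard-coding major/minor numbers,
# which differ between operating systems.
check_devnull() {
    node=$1/dev/null
    [ -c "$node" ] || { echo "FAIL: $node is missing or not a character device"; return 1; }
    want=$(stat -c '%t:%T' /dev/null) || return 2
    have=$(stat -c '%t:%T' "$node") || return 2
    if [ "$want" != "$have" ]; then
        echo "FAIL: $node is device $have, host /dev/null is $want (hex major:minor)"
        return 1
    fi
}

# Usage: sh check.sh /usr/lib/ssh/sftp-server-chroot /home/<sftp user>
if [ $# -eq 2 ]; then
    check_wrapper "$1" && check_devnull "$2" && echo "OK"
fi
```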
participants (3)
- Adam Ronthal
- Falk Hamann
- Martin Nordin