OpenSSH_5.1p1 pam_chroot for debian

這個版面主要討論 debian 在 server 端的應用問題, server 種類繁多..舉凡 Web Server 、 File Server、 DHCP Server..等等。

版主: 阿信

OpenSSH_5.1p1 pam_chroot for debian

文章訪客 » 週二 11月 25, 2008 3:48 pm

請問一下各位,為何我在/var/log/auth.log

會看到這些

Nov 25 12:37:11 xxxxx pam_chroot[16469]: session: reading config file (/etc/security/chroot.conf)
Nov 25 12:37:11 xxxxx pam_chroot[16469]: session: expanded path "/var/chroot/sshd" -> "/var/chroot/sshd"
Nov 25 12:37:11 xxxxx pam_chroot[16469]: session: found chroot_dir "/var/chroot/sshd" for user "orange"
Nov 25 12:37:11 xxxxx pam_chroot[16469]: session: preparing to chroot()

然後,在ssh login 的時候就斷線了,我是想作個限制login 目錄

/etc/security/chroot.conf 目錄
orange /var/chroot/sshd
=====================================

/etc/pam.d/sshd

session required pam_chroot.so debug
=====================================
/etc/pam.d/login

session required pam_chroot.so debug

/var/chroot/sshd

drwxr-xr-x 2 root root 4096 Nov 25 11:59 bin
drwxr-xr-x 3 root root 12288 Nov 25 12:31 dev
drwxr-xr-x 5 root root 4096 Nov 25 12:00 etc
drwx------ 3 root root 4096 Nov 25 12:04 home
drwxr-xr-x 3 root root 4096 Nov 25 11:59 lib
dr-xr-xr-x 146 root root 0 Nov 24 17:52 proc
drwxr-xr-x 2 root root 4096 Nov 25 12:00 sbin
drwxr-xr-x 2 root root 4096 Sep 16 15:38 selinux
drwxr-xr-x 4 root root 4096 Nov 25 11:59 usr
drwxr-xr-x 3 root root 4096 Nov 25 11:59 var

/etc/passwd/

orange:x:1019:1019::/var/chroot/sshd/home/orange:/var/chroot/sshd/bin/sh


/etc/ssh/sshd_config

UsePrivilegeSeparation no


mount :

/dev/hda3 on / type ext3 (rw,errors=remount-ro)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
usbfs on /proc/bus/usb type usbfs (rw)
/dev/hda1 on /boot type ext3 (rw)
/dev/hda4 on /home type ext3 (rw)
/dev/hdc1 on /backup type ext3 (rw)
tmpfs on /dev type tmpfs (rw,size=10M,mode=0755)
proc on /var/chroot/sshd/proc type proc (rw)
devpts on /var/chroot/sshd/dev/pts type devpts (rw)



為何會這樣......有人可以幫我嗎
訪客
 

回到 debian server

誰在線上

正在瀏覽這個版面的使用者:沒有註冊會員 和 1 位訪客