I'm trying to set up jailkit on one of my servers which is running Debian 5. I created a new ssh user (bob) and a chroot directory for him (/var/www/bob). I gave the chroot the extshellplusnet and limitedshell options with the following commands:
jk_init -c /etc/jailkit/jk_init.ini -j /var/www/bob/ extshellplusnet
jk_init -c /etc/jailkit/jk_init.ini -j /var/www/bob/ limitedshell
And then I jailed him:
jk_jailuser -m -j /var/www/bob bob
When I try to ssh in as bob, it connects, I get the banner, and then it disconnects. My auth.log looks like this:
Aug 25 05:04:36 server sshd[29885]: Accepted password for bob from 123.45.6.7 port 50624 ssh2
Aug 25 05:04:36 server sshd[29885]: pam_unix(sshd:session): session opened for user bob by (uid=0)
Aug 25 05:04:36 server jk_chrootsh[29942]: now entering jail /var/www/bob for user bob (1001) with arguments
Aug 25 05:04:36 server sshd[29885]: pam_unix(sshd:session): session closed for user bob
My non-jailed users work just fine, and I don't seem to be getting any permission errors. Any ideas?
Firstly turn you SSH logs to DEBUG3 by replacing in the sshd_config file :
LogLevel INFO
byLogLevel DEBUG3
You will see more information why SSH did close the connection.
Then Ensure you have all the shell need to run in chrooted environment :
null
pseudo device is the /var/www/bob/dev directory. You can create it typing :mknod /var/www/bob/dev/null c 1 3
strace
command.strace chroot /var/www/bob/ /bin/bash