If the users logs in, he starts in / of the chroot (Which is /var/jail on the real machine). I would like him to start in his home-dir. Also, he seems not to load any of his profile-files (.bash.rc etc). I followed this tutorial to create the chroot environment. This is what my /etc/passwd looks like:
test:x:1004:1008:,,,:/var/jail/home/test:/bin/bash
this is what my /var/jail/etc/passwd file looks like:
test:x:1004:1008:,,,:/home/test:/bin/bash
I also found out that, if I remove
Match User test
ChrootDirectory /var/jail
AllowTCPForwarding no
X11Forwarding no
from my /etc/ssh/sshd_config, the user starts in his correct home-folder and with his bash-settings loaded. However, he is able to leave the chroot-environment if I remove that part. This question I asked before is somewhat related, since I think the wrong look of the commandline is caused from the not loaded profile-files. So any ideas how to fix this?
Best Answer
Your configuration is correct except for a small detail: the home directory in
/etc/passwd
should not contain the chroot path part. Change it to:restart
sshd
and try again.From
man sshd_config
:That is, first
sshd
executeschroot
(in our casechroot /var/jail
), and thensshd
changes the directory to the user's homedir (in our casecd /home/test
- in a chrooted environmentcd /var/jail/home/test
wouldn't work).If you are using Debian/Ubuntu (since the tutorial you mention is for Debian) you may want to create a file named
/var/jail/etc/debian_chroot
with contents "chroot", this will appear in the user prompt in parentheses like this:(chroot)test@servername:~$
.(I've duplicated your configuration on my Ubuntu 12.04 and it has worked after removing
/var/jail
from user test's entry in/etc/passwd
.)