Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- it-wiki:linux:ssh_chrooted_jail [2021/03/10 20:57] – [Step 4: Configure SSH to Use Chroot Jail] marko
+++ it-wiki:linux:ssh_chrooted_jail [2021/03/10 21:06] (aktuell) – [Step 7. Testing SFTP with Chroot Jail] marko
@@ Zeile 122: / Zeile 122: @@
 **12.** Next, install a few user commands such as ls, date, mkdir in the ''bin'' directory:
+<code bash>
+# cp -v /bin/ls /home/test/bin/
+# cp -v /bin/date /home/test/bin/
+# cp -v /bin/mkdir /home/test/bin/
+</code>
+{{ :it-wiki:linux:add-commands-to-ssh-user.png?nolink |}}
+**13.** Next, check the shared libraries for the commands above and move them into the chrooted jail libraries directory:
+<code bash>
+# ldd /bin/ls
+# cp -v /lib64/{libselinux.so.1,libcap.so.2,libacl.so.1,libc.so.6,libpcre.so.1,libdl.so.2,ld-linux-x86-64.so.2,libattr.so.1,libpthread.so.0} /home/test/lib64/
+</code>
+{{ :it-wiki:linux:copy-shared-libraries.png?nolink |}}
+==== Step 7. Testing SFTP with Chroot Jail ====
+**14.** Do a final test using sftp; check if the commands you have just installed are working.
+Add the line below in the ''/etc/ssh/sshd_config'' file:
+<code bash>
+#Enable sftp to chrooted jail
+ForceCommand internal-sftp
+</code>
+Save the file and exit. Then restart the SSHD services:
+<code bash>
+# systemctl restart sshd
+</code>
+**15.** Now, test using SSH, you’ll get the following error:
+<code bash>
+# ssh tecmint@192.168.0.10
+</code>
+{{ :it-wiki:linux:test-ssh-chroot-jail.png?nolink |}}
+Try using SFTP as follows:
+<code>
+# sftp tecmint@192.168.0.10
+</code>
+{{ :it-wiki:linux:testing-sftp-ssh-user.png?nolink |}}