Re: chroot & port forwarding



As far as I know, to build a tunnel you must to log on the system...
Here is my sshd_conf:
Match group jailed
ChrootDirectory /home/jail/
X11Forwarding no
AllowTcpForwarding yes
(ok.. only a few lines of him)
The users from the group jailed can log on the system.
That is why I built an chroot enviroment on /home/jail.
I hope help

2010/1/25 Andrew Penhorwood <andrew@xxxxxxxxxxxx>:
I have openssh 5.x installed on a CentOS 5.x box.  All is working fine but I
wanted to add port forwarding to my chroot'ed users.  Most users are just
using SFTP that is chrooted to their web directory.  Now I need to give some
users access to MySQL over an SSH tunnel.  When I added the port forwarding
to the chroot'ed users the port forwarding does not work.  If I remove the
chroot the port forwarding works.

Any pointers would be a great help.

Andrew Penhorwood



--
---------------------------------------
- El conocimiento es poder -
- y el saber nos hace libres. -
----------------------------------
netvulcano.wordpress.com
Linux User #405757
Machine Linux #310536



Relevant Pages

  • RE: sshd port forwarding with no shell? chroot/jail?
    ... in the Match block you can also use ChrootDirectory. ... sshd port forwarding with no shell? ... I'd like to allow a client with an authorized key ... I tried just setting up the chroot with no files ...
    (SSH)
  • Re: Mystery of chroot
    ... Does one have to run something like udevd after chroot now? ... Probably works the same on Fedora as on SUSE, where before chroot you must: ... Team OS/2 ** Reg. ... Linux User #211409 ...
    (Fedora)