<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7226.0">
<TITLE>Pam_chroot</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><FONT SIZE=2 FACE="Arial">I am trying to configure pam_chroot on Redhat ES4. My log files are really not giving me any information regarding chroot.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">What am I doing wrong? Does anyone have any documentation on how to setup chroot for SSH on RedHat? </FONT>
<BR><FONT SIZE=2 FACE="Arial">I haven't been able to find any good documentation regarding pam_chroot. Any help is greatly appreciated.</FONT>
</P>
<BR>
<P><FONT SIZE=2 FACE="Arial">My etc/pam.d/sshd configuration is below:</FONT>
<BR><FONT SIZE=2 FACE="Arial">#%PAM-1.0</FONT>
<BR><FONT SIZE=2 FACE="Arial">auth required pam_stack.so service=system-auth</FONT>
<BR><FONT SIZE=2 FACE="Arial">auth required pam_nologin.so</FONT>
<BR><FONT SIZE=2 FACE="Arial">account required pam_stack.so service=system-auth</FONT>
<BR><FONT SIZE=2 FACE="Arial">password required pam_stack.so service=system-auth</FONT>
<BR><FONT SIZE=2 FACE="Arial">session required /lib/security/pam_chroot.so debug</FONT>
<BR><FONT SIZE=2 FACE="Arial">session required pam_stack.so service=system-auth</FONT>
<BR><FONT SIZE=2 FACE="Arial">session required pam_loginuid.so</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">My /etc/security/chroot.conf looks like this</FONT>
<BR><FONT SIZE=2 FACE="Arial">more chroot.conf</FONT>
<BR><FONT SIZE=2 FACE="Arial"># /etc/security/chroot.conf</FONT>
<BR><FONT SIZE=2 FACE="Arial"># format:</FONT>
<BR><FONT SIZE=2 FACE="Arial"># username_regex chroot_dir</FONT>
<BR><FONT SIZE=2 FACE="Arial">jdoe /home/jdoe</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">/home/jdoe looks like this:</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">-rw------- 1 root root 92 Mar 19 23:13 .bash_history</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw-r--r-- 1 root root 41 Mar 16 15:55 .bash_login</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw-r--r-- 1 root root 20 Mar 16 13:58 .bash_logout</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw-r--r-- 1 root root 131 Mar 16 16:21 .bash_profile</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw-r--r-- 1 root root 124 Mar 16 13:51 .bashrc</FONT>
<BR><FONT SIZE=2 FACE="Arial">drwxr-xr-x 2 root root 4096 Mar 22 11:53 bin</FONT>
<BR><FONT SIZE=2 FACE="Arial">drwxr-xr-x 2 root root 4096 Mar 22 11:56 home</FONT>
<BR><FONT SIZE=2 FACE="Arial">drwxr-xr-x 2 root root 4096 Mar 22 11:58 lib</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw-r--r-- 1 root root 27 Mar 16 16:16 .profile</FONT>
<BR><FONT SIZE=2 FACE="Arial">drwx------ 2 jdoe jdoe 4096 Mar 16 13:56 .ssh</FONT>
<BR><FONT SIZE=2 FACE="Arial">-rw------- 1 jdoe jdoe 426 Mar 22 12:36 .Xauthority</FONT>
</P>
<BR>
<BR>
<P><FONT SIZE=2 FACE="Arial">Kevin D. Alford</FONT>
</P>
<BR>
</BODY>
</HTML>