1

How can I SSH into a schroot environment using ssh [email protected] rather than schroot -c test as user sshuser ?

I have read an array of web post on creating a jailed chroot then setting up SSH to limit the user to the jail. I'm trying to set up a schroot environment following this link: https://wiki.debian.org/Schroot

Kusalananda
  • 320,670
  • 36
  • 633
  • 936
icebowl
  • 37
  • 1
  • 3
  • Are you aware that ssh can be configured to limit users or groups to certain directories and shells? Is it necessary for this user to have access to both the chroot and the rest of the system hence the need for `schroot`? I ask because this depends on the type of answer you are looking for. Do you need a ssh user to have full system access but on start up of ssh use `schroot` to enter your chroot automatically? Or does this user just need to be limited to the chroot when it logs in? – kemotep Mar 17 '19 at 14:43
  • Thank you. I currently have a jailed chroot at: "/srv/chroot" . I have configured sshd_conf so a group with users are limited to this jail with limited bash. What I am trying to do is use debain schroot to create a different kernel then limit the user to that kernel https://wiki.debian.org/Schroot. I think I just need to combine jailed chroot and schroot and look at .bashrc. I need to figure out if uses gets ceated with bin/bash. "useradd -m -d /direcotry/sshuser sshuser -s /bin/bas" – icebowl Mar 18 '19 at 11:48
  • `schroot` just allows a non-root user to create a `chroot` with a bunch of common defaults for binaries and libaries and the overall filesystem structure. A `schroot` inside of a `chroot` does not sound necessary as the chroot would have to provide all of the necessary libraries and binaries for the `schroot` duplicating your efforts but not accomplishing your goals. You might need to look into containerization or virtualization to complete this task. – kemotep Mar 18 '19 at 12:51
  • Thank you. I'm going to look into "containerization" . I appreciate the post(s) – icebowl Mar 22 '19 at 01:45

1 Answers1

0

using schroot with sshd, you have to change sshd_config

Match User sshuser
   # %u is replaced by the username, %h is the full home path
   #ChrootDirectory /srv/chroot/test/%u
   #ChrootDirectory %h
   ForceCommand schroot -c test -u sshuser
dawi
  • 1