Re: internal-sftp stuck on 'ls' with chrootdirectory

On Mon, 17 Mar 2014, Brian Rosenberger wrote:

> Hi all,
> 
> I am using Match directive and internal-sftp to chroot sftp users into their
> directory. Connection and login works. I can change directories and put/get
> files. Also logging of the internal sftp-process works (created a /dev/log
> socket inside the chroot). As soon as I use the 'ls' command, nothing
> happens and the process gets stuck. Listing files does work as soon as I
> remove the chrootdirectory directive.
...

> I am using PAM with libnss-mysql.

This is likely the problem - the chrooted process is probably trying to
connect to your MySQL server and failing. You could either arrange for
MySQL to listen at the path it is expecting inside the chroot or see if
you can trick nss-mysql into giving up by creating a stale socket at
the path it is expecting.

The first approach would give you correct usernames for 'ls -l' at the
cost of potentially exposing sensitive data inside the chroot. The
latter loses usernames but keeps the chroot clean.

(all assuming this is indeed the problem)

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
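
One way to check the diagnosis above on the sshd host, as an added example that is not part of the original message: list the `passwd` and `group` sources in nsswitch.conf that are not local files, since those are the lookups a chrooted process would attempt when resolving names for a listing. The sample configuration is constructed, and the source name `mysql` for libnss-mysql is an assumption.

```shell
#!/bin/sh
# Added example, not from the original thread.

# Constructed sample nsswitch.conf ("mysql" assumed to be the libnss-mysql source).
sample_conf() {
    cat <<'EOF'
# constructed sample
passwd:  files mysql
group:   files mysql   # same backend for groups
shadow:  files
hosts:   files dns
EOF
}

# Print the sources configured for one NSS database, one per line.
# Comments and [STATUS=action] items are dropped.
nss_sources() {   # usage: nss_sources FILE DATABASE
    sed -e 's/#.*//' -e 's/\[[^]]*]//g' "$1" |
        awk -v db="$2:" '
            { sub(/:/, ": ") }      # tolerate "passwd:files" without a space
            $1 == db { for (i = 2; i <= NF; i++) print $i }'
}

# Report passwd/group sources other than local files ("files", "compat").
# Prints "database: source" per finding; returns 1 if any were found.
nss_nonlocal() {  # usage: nss_nonlocal FILE
    found=0
    for db in passwd group; do
        for src in $(nss_sources "$1" "$db"); do
            case "$src" in
                files|compat) ;;
                *) echo "$db: $src"; found=1 ;;
            esac
        done
    done
    return "$found"
}

# Demo on the constructed sample; on a real host pass /etc/nsswitch.conf.
demo=$(mktemp) && sample_conf > "$demo"
nss_nonlocal "$demo" ||
    echo "sources above are queried from inside the chroot for uid/gid names"
rm -f "$demo"
```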



