Mailing List Archive

As far as I know, to build a tunnel you must to log on the system...
Here is my sshd_conf:
Match group jailed
ChrootDirectory /home/jail/
X11Forwarding no
AllowTcpForwarding yes
(ok.. only a few lines of him)
The users from the group jailed can log on the system.
That is why I built an chroot enviroment on /home/jail.
I hope help

2010/1/25 Andrew Penhorwood <andrew@coldbits.com>:
> I have openssh 5.x installed on a CentOS 5.x box.  All is working fine but I
> wanted to add port forwarding to my chroot'ed users.  Most users are just
> using SFTP that is chrooted to their web directory.  Now I need to give some
> users access to MySQL over an SSH tunnel.  When I added the port forwarding
> to the chroot'ed users the port forwarding does not work.  If I remove the
> chroot the port forwarding works.
>
> Any pointers would be a great help.
>
> Andrew Penhorwood



--
---------------------------------------
- El conocimiento es poder -
- y el saber nos hace libres. -
----------------------------------
netvulcano.wordpress.com
Linux User #405757
Machine Linux #310536

Hi Andrew,
 
Wouldn't the problem be that the socket is outside of the chroot'ed environment.
I don't have much experience with ssh chrooting and port forwarding, but that
would be my first thought.
 
Regards,
 
Charlie

On 26 January 2010 at 01:05 Andrew Penhorwood <andrew@coldbits.com> wrote:

> I have openssh 5.x installed on a CentOS 5.x box.  All is working fine but I
> wanted to add port forwarding to my chroot'ed users.  Most users are just
> using SFTP that is chrooted to their web directory.  Now I need to give some
> users access to MySQL over an SSH tunnel.  When I added the port forwarding to
> the chroot'ed users the port forwarding does not work.  If I remove the chroot
> the port forwarding works.
>
> Any pointers would be a great help.
>
> Andrew Penhorwood