I setup a ssh chroot jail following this[1] guide. It works for my user to login, use ls and use scp which is all I really want. I do have a problem I cannot solve: when connected and navigating the filesystem, the backspace key actually moves the cursor forward and does not delete what I type. I may have found a hint from some googling that readline will read in /etc/inputrc on login but if this is true, I am unsure what component of readline might I require to copy over from the live system into the chroot jail. For reference, I include the tree view of the chroot jail I created below. Thank you kindly for any suggestions. % tree -a /var/jail /var/jail ??? .bashrc ??? bin -> usr/bin ??? dev ? ??? null ? ??? random ? ??? tty ? ??? zero ??? etc ? ??? group ? ??? inputrc ? ??? passwd ? ??? profile ??? lib -> usr/lib ??? lib64 -> usr/lib64 ??? usr ??? bin ? ??? bash ? ??? ls ? ??? scp ??? lib ? ??? libcap.so.2 ? ??? libc.so.6 ? ??? libdl.so.2 ? ??? libncursesw.so.6 ? ??? libnss3.so ? ??? libnssckbi-p11-kit.so ? ??? libnssckbi.so ? ??? libnss_compat-2.23.so ? ??? libnss_compat.so ? ??? libnss_compat.so.2 ? ??? libnss_db-2.23.so ? ??? libnssdbm3.chk ? ??? libnssdbm3.so ? ??? libnss_db.so ? ??? libnss_db.so.2 ? ??? libnss_dns-2.23.so ? ??? libnss_dns.so ? ??? libnss_dns.so.2 ? ??? libnss_files-2.23.so ? ??? libnss_files.so ? ??? libnss_files.so.2 ? ??? libnss_hesiod-2.23.so ? ??? libnss_hesiod.so ? ??? libnss_hesiod.so.2 ? ??? libnss_myhostname.so.2 ? ??? libnss_mymachines.so.2 ? ??? libnss_nis-2.23.so ? ??? libnss_nisplus-2.23.so ? ??? libnss_nisplus.so ? ??? libnss_nisplus.so.2 ? ??? libnss_nis.so ? ??? libnss_nis.so.2 ? ??? libnss_resolve.so.2 ? ??? libnsssysinit.so ? ??? libnssutil3.so ? ??? libnss_winbind.so ? ??? libnss_winbind.so.2 ? ??? libnss_wins.so ? ??? libnss_wins.so.2 ? ??? libreadline.so.6 ??? lib64 ??? ld-linux-x86-64.so.2 9 directories, 53 files 1. http://www.cyberciti.biz/faq/debian-ubuntu-restricting-ssh-user-session-to-a-directory-chrooted-jail/
Have you looked at your 'stty' settings? Do stty -a and see what the 'erase' variable equates to. What are you using for an SSH client? On what OS? Some clients can pass along settings during the login procedure. On Wed, 20 Apr 2016, John wrote:> I setup a ssh chroot jail following this[1] guide. It works for my user to login, use ls and use scp which is all I really want. I do have a problem I cannot solve: when connected and navigating the filesystem, the backspace key actually moves the cursor forward and does not delete what I type. > > I may have found a hint from some googling that readline will read in /etc/inputrc on login but if this is true, I am unsure what component of readline might I require to copy over from the live system into the chroot jail. > > For reference, I include the tree view of the chroot jail I created below. Thank you kindly for any suggestions. > > % tree -a /var/jail > > /var/jail > ??? .bashrc > ??? bin -> usr/bin > ??? dev > ? ??? null > ? ??? random > ? ??? tty > ? ??? zero > ??? etc > ? ??? group > ? ??? inputrc > ? ??? passwd > ? ??? profile > ??? lib -> usr/lib > ??? lib64 -> usr/lib64 > ??? usr > ??? bin > ? ??? bash > ? ??? ls > ? ??? scp > ??? lib > ? ??? libcap.so.2 > ? ??? libc.so.6 > ? ??? libdl.so.2 > ? ??? libncursesw.so.6 > ? ??? libnss3.so > ? ??? libnssckbi-p11-kit.so > ? ??? libnssckbi.so > ? ??? libnss_compat-2.23.so > ? ??? libnss_compat.so > ? ??? libnss_compat.so.2 > ? ??? libnss_db-2.23.so > ? ??? libnssdbm3.chk > ? ??? libnssdbm3.so > ? ??? libnss_db.so > ? ??? libnss_db.so.2 > ? ??? libnss_dns-2.23.so > ? ??? libnss_dns.so > ? ??? libnss_dns.so.2 > ? ??? libnss_files-2.23.so > ? ??? libnss_files.so > ? ??? libnss_files.so.2 > ? ??? libnss_hesiod-2.23.so > ? ??? libnss_hesiod.so > ? ??? libnss_hesiod.so.2 > ? ??? libnss_myhostname.so.2 > ? ??? libnss_mymachines.so.2 > ? ??? libnss_nis-2.23.so > ? ??? libnss_nisplus-2.23.so > ? ??? libnss_nisplus.so > ? ??? libnss_nisplus.so.2 > ? ??? libnss_nis.so > ? ??? libnss_nis.so.2 > ? ??? libnss_resolve.so.2 > ? ??? libnsssysinit.so > ? ??? libnssutil3.so > ? ??? libnss_winbind.so > ? ??? libnss_winbind.so.2 > ? ??? libnss_wins.so > ? ??? libnss_wins.so.2 > ? ??? libreadline.so.6 > ??? lib64 > ??? ld-linux-x86-64.so.2 > > 9 directories, 53 files > > 1. http://www.cyberciti.biz/faq/debian-ubuntu-restricting-ssh-user-session-to-a-directory-chrooted-jail/ > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >Regards, ....Bob Rasmussen, President, Rasmussen Software, Inc. personal e-mail: ras at anzio.com company e-mail: rsi at anzio.com voice: (US) 503-624-0360 (9:00-6:00 Pacific Time) fax: (US) 503-624-0760 web: http://www.anzio.com street address: Rasmussen Software, Inc. 10240 SW Nimbus, Suite L9 Portland, OR 97223 USA
----- Original Message -----> From: Bob Rasmussen <ras at anzio.com> > To: John <da_audiophile at yahoo.com> > Cc: "openssh-unix-dev at mindrot.org" <openssh-unix-dev at mindrot.org> > Sent: Wednesday, April 20, 2016 4:48 PM > Subject: Re: Backspace key does not work in a ssh chroot jail > > Have you looked at your 'stty' settings? Do > stty -a > and see what the 'erase' variable equates to. > > What are you using for an SSH client? On what OS? Some clients can pass > along settings during the login procedure.Initially, I did not copy /usr/bin/stty from the root filesystem to the jail. I just did now and I have attached the output of the command you asked about below. To answer your other question: the ssh client is the linux native /usr/bin/ssh (provided by openssh 7.2p2).>From within the chroot jail:$ stty -a speed 38400 baud; rows 36; columns 128; line = 0; intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0; -parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc -ixany -imaxbel -iutf8 opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc>From the native linux environment:% stty -a speed 38400 baud; rows 36; columns 128; line = 0; intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0; -parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc -ixany -imaxbel iutf8 opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc