[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] ForwardAgent(?) issue
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] ForwardAgent(?) issue |
Date: |
Wed, 07 Apr 2010 07:18:57 +0200 |
User-agent: |
Thunderbird 2.0.0.23 (X11/20090817) |
Christer Edwards wrote:
> I've got an ssh-only chroot system set up with jailkit (initially
> 2.5). One thing that kind of bothers me though is that ForwardAgent
> doesn't seem to work. I'm sure this is a function (feature) of the
> jail system, but it is something I'd like to be able to activate.
>
> To clarify, my setup allows: ssh -> jail -> internal-host
>
> There are very few commands available within the jail, mainly
> [basicshell] from jk_init.ini with a few minor additions. I haven't
> altered much of anything beyond that. What I would like to be able to
> do is the normal ssh -> jail -> internal-host, but have pubkey
> authentication work throughout. Currently it authenticates at jail,
> but prompts for a passphrase at internal-host.
did it work outside the jail? (if you change jk_chrootsh to bash in the
real /etc/passwd ?)
> If anyone can tell me what I need to do in order to get this to work
> I'd appreciate it.
you can always use strace (see howto) to see what is missing.
> Ohh, also, I noticed today that 2.11 was released. I've compiled and
> installed it, but I'm wondering if I need to jk_init again, or if my
> current setup (initially 2.5) is adequate. It is functional, but will
> anything be gained by doing jk_init on the newer release?
not really I think.
Olivier