public key auth problem in chroot'd env.

Using app-misc/jail on Gentoo to create a chroot'd environment. (http://www.jmcresearch.com/projects/jail/)

Works great, except for ssh public key auth. It looks in the wrong spot for authorized_keys b/c of non-chroot /etc/passwd.

e.g.

cat /etc/passwd | grep '^prisoner'
prisoner:x:1005:81::/var/chroot:/usr/bin/jail

When logging in using public key:

Mar  9 13:32:55 catch-22 sshd[27465]: debug1: trying public key file /var/chroot/.ssh/authorized_keys

Anyone have a work-around?

3 Replies

sshd, by default, looks in $HOME/.ssh/authorized_keys for key access. Since the user's home is /var/chroot that's where it's looking.

If you have a recent(ish) ssh version (4.9 or newer, it seems), look at

http://www.zdnetasia.com/techguide/opensource/0,39044899,62043704,00.htm

So the solution in that link looks the same, really. The only difference is that the author of that article assumes the chroot'd env. is the user's home dir.

i.e. when joe logs in he'll be in /chroot not /chroot/home/joe

I could do that, but I don't want a 1-to-1 between chroot'd env.'s and users. I want to have 1 chroot'd env. and several users.

sshd_config Match directive looks interesting. Wonder if there's a way to match group and tell sshd to look in a different spot for authorized_keys for that group.

Looks like jailkit does what I want. Same functionality, but creates a more "correct" /etc/passwd that allows sshd to process normally.

See:

http://olivier.sessink.nl/jailkit/
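
The lookup discussed in this thread, as an added example that is not part of the original posts: it expands sshd's AuthorizedKeysFile pattern (%h, %u, %%) against passwd entries and reports key files that several accounts resolve to, which is what happens when every jailed user has /var/chroot as home. The joe entries, the /etc/ssh/keys/%u pattern and the jailkit-style lines (home written with a /./ separator, shell /usr/sbin/jk_chrootsh) are constructed assumptions.

```python
import posixpath
from collections import defaultdict

DEFAULT_PATTERN = ".ssh/authorized_keys"  # sshd default, relative to the home directory

# Constructed samples: first line is from the thread, the rest are assumed.
JAIL_STYLE = """\
prisoner:x:1005:81::/var/chroot:/usr/bin/jail
joe:x:1006:81::/var/chroot:/usr/bin/jail
"""
JAILKIT_STYLE = """\
prisoner:x:1005:81::/var/chroot/./home/prisoner:/usr/sbin/jk_chrootsh
joe:x:1006:81::/var/chroot/./home/joe:/usr/sbin/jk_chrootsh
"""

def parse_passwd(text):
    """Yield (user, home) from passwd(5) lines; skip comments and malformed lines."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 7 and not line.startswith("#"):
            yield fields[0], fields[5]

def expand(pattern, user, home):
    """Expand %h, %u and %%; a relative result is taken under the home directory."""
    out, i = [], 0
    while i < len(pattern):
        if pattern[i] == "%" and i + 1 < len(pattern):
            tok = pattern[i + 1]
            if tok not in "hu%":
                raise ValueError(f"unsupported token %{tok}")
            out.append({"h": home, "u": user, "%": "%"}[tok])
            i += 2
        else:
            out.append(pattern[i])
            i += 1
    path = "".join(out)
    if not path.startswith("/"):
        path = posixpath.join(home, path)
    return posixpath.normpath(path)

def shared_key_files(passwd_text, pattern=DEFAULT_PATTERN):
    """Return {key file: sorted accounts} for files more than one account resolves to."""
    by_path = defaultdict(list)
    for user, home in parse_passwd(passwd_text):
        by_path[expand(pattern, user, home)].append(user)
    return {p: sorted(u) for p, u in by_path.items() if len(u) > 1}

if __name__ == "__main__":
    for name, sample in (("jail", JAIL_STYLE), ("jailkit", JAILKIT_STYLE)):
        print(name, shared_key_files(sample))
```

A non-empty result means any key in that file is accepted for every account listed against it.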
