Allow users in chroot to SSH to another VM instance

rk92

11/26/22, 11:12 PM

Been coming across some issues with setting up SSH from a chroot directory out to a secondary VM. This is all being done in Google Cloud at the moment using CentOS 8. I think I have created the chroot directory correctly, added /bin/ssh to the chroot directory, added shared libraries for /bin/ssh.

I am stuck currently at running ssh <IP_ADDRESS>. I had to first create a /home/<USER>/.ssh in the chroot, then I added a known_hosts file inside .ssh. I connected to the second VM and can see that a host was added to the known_hosts file but I cannot get past an error about <USER>@<IP_ADDRESS> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Password authentication is disabled currently in sshd_config on both VM instances. I remember briefly trying password authentication with both and it still failed. I am not sure of what I am missing to resolve this.

0 + 2

linux

ssh

virtual-machines

centos

google-compute-engine

John Hanley

11/26/22, 11:32 PM

To login to a remote machine with SSH key pairs requires placing the public key on the remote host and the private key on the local host. Did you do that?

rk92

11/27/22, 9:47 PM

Thanks, yes that was part of the problem. Manually created a SSH key pair on the Bastion, was able to get the public key to the second instance and private key was added to the chroot directory. I also needed to add a `/tmp` folder to my chroot directory along with `/bin/ssh-add` and `/bin/ssh-agent` along with associated shared libraries (ldd) for ssh-add and ssh-agent.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Allow users in chroot to SSH to another VM instance

TH: อนุญาตให้ผู้ใช้ใน chroot ใช้ SSH ไปยังอินสแตนซ์ VM อื่น

RO: Permite utilizatorilor din chroot la SSH la o altă instanță VM

RU: Разрешить пользователям в chroot доступ по SSH к другому экземпляру виртуальной машины

VI: Cho phép người dùng trong chroot SSH sang phiên bản VM khác

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.