http://wiki.filipefonseca.pt/index.php?action=history&feed=atom&title=JailkitJailkit - Revision history2026-04-18T16:19:05ZRevision history for this page on the wikiMediaWiki 1.36.1http://wiki.filipefonseca.pt/index.php?title=Jailkit&diff=5194&oldid=prevFilipeFonseca at 04:47, 9 July 20212021-07-09T04:47:42Z<p></p>
<p><b>New page</b></p><div>== About Jailkit ==<br />
<br />
Jailkit is a set of utilities to enhance the possibilities of chroot jails. Jailkit contains a set of tools and config files to automate the deployment of chroot jails. Jailkit also contains various tools to limit user accounts to specific files or specific commands, configured from a config file. Setting up a chroot shell, a shell limited to some specific command, or a daemon inside a chroot jail is a lot easier and can be automated using these utilities.<br />
<br />
Jailkit is a specialized set of tools that is developed with a focus on security. It will abort in a secure way if the configuration, the system setup or the environment is not 100% secure, and it will send useful log messages that explain what is wrong to syslog.<br />
<br />
Jailkit is very stable software with a very stable and high quality codebase. It is known to be used in network security appliances from several leading IT security firms, internet servers from several large enterprise organizations, internet servers from internet service providers, as well as many smaller companies and private users that need to secure cvs, sftp, shell or daemon processes.<br />
<br />
== Home Page==<br />
https://olivier.sessink.nl/jailkit/<br />
<br />
== Download ==<br />
cd /tmp<br />
wget http://olivier.sessink.nl/jailkit/jailkit-2.22.tar.gz<br />
tar xvfz jailkit-2.22.tar.gz<br />
cd jailkit-2.22<br />
<br />
==Prepare Dependencies(Debian)==<br />
apt install build-essential autoconf automake1.11 libtool flex bison debhelper binutils-gold python -y<br />
<br />
==Install==<br />
echo 5 > debian/compat<br />
./debian/rules binary<br />
cd ..<br />
dpkg -i jailkit_2.22-1_amd64.deb<br />
<br />
==Remove used files==<br />
rm -rf /tmp/jailkit*<br />
<br />
==Add User/Jail==<br />
mkdir -p /home/jails/USERFOLDER<br />
jk_init -v /home/jails/USERFOLDER ssh sftp basicshell jk_lsh bash editors extendedshell scp rsync ...<br />
jk_jailuser -m -j /home/jails/USERFOLDER USR<br />
<br />
==Add apps to jail==<br />
jk_cp -v -j /home/jails/USERFOLDER /usr/bin/id<br />
<br />
<br />
==SSH modification==<br />
#define username to apply chroot jail to<br />
#Match group ssh-users<br />
Match user USER<br />
#specify chroot jail<br />
#ChrootDirectory /home/jail<br />
ChrootDirectory /home/jails/USER<br />
<br />
==FStab modification==<br />
# create dev folder<br />
mkdir -p /home/jails/USERFOLDER/dev/pts<br />
# chroot USER bind<br />
/ORIGINAL_DEFAULT_FOLDER/ /home/jails/USERFOLDER/DESTINATION_FOLDER none bind 0 0<br />
/dev/pts /home/jails/USERFOLDER/dev/pts none defaults,bind 0 0</div>FilipeFonseca