SSH for my_webapp and installing chroot os with the help of debootstrap

I want to use ssh for my_webapp along with sftp. How can I achieve it?

@Maniack_Crudelis can I take help of your package in providing ssh to webapp ?https://github.com/maniackcrudelis/ssh_chroot

I needed lot of commands that was required under chroot jail along with ssh support. So I installed debootstrap and installed debian stable version inside chroot folder that is my_webapp__1. This way a virtual envirnment was created for the development of the app completely away from the yunohost. Here are the steps I followed. If some thing can be improved or can be done in better way, please don’t hesitate to improve this.

  1. Install my_webapp on yunohost.
    # yunohost app install https://github.com/YunoHost-Apps/my_webapp_ynh/

  2. Remove force sftp for the app from ssh
    # nano /etc/ssh/sshd_config
    Remove ForceCommand internal-sftp from the my_webapp__1 or the what ever your my_webapp instance no. is.

  3. Allow the user to have ssh permission by adding the line AllowUsers my_webapp__1

  4. Restart ssh
    # service ssh restart

  5. Install debootstrap Read more about chroot and debootstrap here
    # apt-get install debootstrap

  6. Install the choice of os in chroot directory.
    # debootstrap stable /var/www/my_webapp__1 http://deb.debian.org/debian/

  7. You can login to the root of the new installed os by chroot
    # chroot /var/www/my_webapp__1

  8. Install the required packages like ssh,sudo
    # apt-get install ssh sudo

  9. Exit the chroot
    # exit

  10. The uid of users should be same of both users in the real os and the chroot os. So we put the real os uid of the my_webapp__1 user to the chroot my_webapp__1 after creating it.
    #cat /etc/passwd
    Check the uid of the my_webapp__1 and copy it.
    Again login to chroot directory by step 7 and create a user my_webapp__1 in chroot OS.
    # adduser my_webapp__1
    Give it the same password as real OS user.

  11. Make the udi of the real os same with the chroot os by coping the uid of real os to chroot os.
    #nano /etc/passwd
    Copy the uid to the my_webapp__2

  12. Now you can ssh to the chroot folder with the my_webapp__1 user.
    Try it
    $ ssh my_webapp__1@domain.tld
    Enter password and you will be in the shell as my_webapp__1 user of chroot os.

Sometimes the my_webapp__1 will require root privileges. For this either you can give my_webapp__2 as root privileges or login as root by su. Other way is giving user privilege to run sudo without password and with root access by editing /etc/sudoers.
Login to the chroot root by step 7 again and add the user to have sudo privieges.
# nano /etc/sudoers
Add this line under Allow members of group sudo to execute any command
my_webapp__1 ALL=(ALL) NOPASSWD: ALL

Now you can ssh to the chroot by ssh my_webapp__1@domain.tld and run any command which require by sudo.

Hi!
Thank you for your solution :slight_smile:
I have a similar need (use command from ssh remote on my_webapp) without virtual env.
But i followed your tutorial without success… when ssh connect, my $ ssh are automaticaly closed after login :frowning:

have you an idea ?