Cannot login into SSH from non-admin account. /bin/bash: No such file or directory

Question

Although I have found many other posts on this exact problem, none of their presented solutions have fixed my issue.

I have configured and SFTP and SSH server on my raspberry pi. And ever since I enabled the SFTP server, non-admin accounts cannot ssh into the raspberry pi anymore, being presented with this message:

Last login: Sat Jul 15 12:02:42 2023 from 192.168.1.221
/bin/bash: No such file or directory
Connection to xxx.yyy.z.vvv closed.

I have followed the advice online and created in my chroot directory (see sshd_config file below) a bin folder with the copied bash file inside it. However, nothing changed. I tried also adding the same folder into the home directory of the user I was trying to log in from, but once again - No change.

My knowledge of linux is way to limited to know where to go from there. I'll be happy to recieve any advice as to what to troubleshoot next.

Thank You for your help.

As mentioned above, the complete sshd_config file: (My own configuration starts after the Subsystem line, I have not messed with anything above it)

#       $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
This is the sshd server system-wide configuration file.  See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented.  Uncommented options override the
default value.
Include /etc/ssh/sshd_config.d/*.conf
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers and keying
#RekeyLimit default none
Logging
#SyslogFacility AUTH
#LogLevel INFO
Authentication:
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
Change to yes if you don't trust ~/.ssh/known_hosts for
HostbasedAuthentication
#IgnoreUserKnownHosts no
Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
Change to yes to enable challenge-response passwords (beware issues with
some PAM modules and threads)
ChallengeResponseAuthentication no
Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
Set this to 'yes' to enable PAM authentication, account processing,
and session processing. If this is enabled, PAM authentication will
be allowed through the ChallengeResponseAuthentication and
PasswordAuthentication.  Depending on your PAM configuration,
PAM authentication via ChallengeResponseAuthentication may bypass
the setting of "PermitRootLogin without-password".
If you just want the PAM account and session checks to run without
PAM authentication, then enable this but set PasswordAuthentication
and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
no default banner path
#Banner none
Allow client to pass locale environment variables
AcceptEnv LANG LC_*
override default of no subsystems
#NIEAKTUALNE! /
#Subsystem      sftp    /usr/lib/openssh/sftp-server
#O tak powinno byc :)
Subsystem       sftp    internal-sftp
Example of overriding settings on a per-user basis
#Match User anoncvs
X11Forwarding no
AllowTcpForwarding no
PermitTTY no
ForceCommand cvs server
#===========================================================================
POCZATEK RECZNEJ KONFIGURACJI
#===========================================================================
Pozwol zalogowac sie tylko osobom z grupy tekkitboys
Match group tekkitboys
#Ustawienie Match group MUSI byc pierwszym ustawieniem SSH i SFTP!
#Dla bezpieczenstwa (nie wiem ale gosc zalecil)
AllowTcpForwarding no
X11Forwarding no
#Zaden uzytkownik SFTP nie bedzie wstanie wyjsc wyzej w strukturze plikow niz ten folder
ChrootDirectory /media
#Musialem dac az /media bo folder ten (z uwagi na bezpieczenstwo) musi miec root'a jako wlasciciela i
#grupy nie moga miec praw do zapisywania

In particular this answer from that question – Chris Davies Jul 15 '23 at 10:57 — Chris Davies, Jul 15 '23 at 10:57
Yes, it worked perfectly. Thank You for your help. – Kuba0040 Jul 16 '23 at 12:56 — Kuba0040, Jul 16 '23 at 12:56

Cannot login into SSH from non-admin account. /bin/bash: No such file or directory

This is the sshd server system-wide configuration file. See

sshd_config(5) for more information.

This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

The strategy used for options in the default sshd_config shipped with

OpenSSH is to specify options with their default value where

possible, but leave them commented. Uncommented options override the

default value.

Ciphers and keying

Logging

Authentication:

Expect .ssh/authorized_keys2 to be disregarded by default in future.

For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

Change to yes if you don't trust ~/.ssh/known_hosts for

HostbasedAuthentication

Don't read the user's ~/.rhosts and ~/.shosts files

To disable tunneled clear text passwords, change to no here!

Change to yes to enable challenge-response passwords (beware issues with

some PAM modules and threads)

Kerberos options

GSSAPI options

Set this to 'yes' to enable PAM authentication, account processing,

and session processing. If this is enabled, PAM authentication will

be allowed through the ChallengeResponseAuthentication and

PasswordAuthentication. Depending on your PAM configuration,

PAM authentication via ChallengeResponseAuthentication may bypass

the setting of "PermitRootLogin without-password".

If you just want the PAM account and session checks to run without

PAM authentication, then enable this but set PasswordAuthentication

and ChallengeResponseAuthentication to 'no'.

no default banner path

Allow client to pass locale environment variables

override default of no subsystems

Example of overriding settings on a per-user basis

X11Forwarding no

AllowTcpForwarding no

PermitTTY no

ForceCommand cvs server

POCZATEK RECZNEJ KONFIGURACJI

Pozwol zalogowac sie tylko osobom z grupy tekkitboys

0 Answers0