I've been trying to get pam_chroot to work with ssh. There are a few little things to do to get it to work.
- Install pam_chroot and set your chroot. See http://singe.za.net/blog/archives/378-Linux-SSH-Jail-with-pam_chroot.html
- Set UsePrivilegeSeparation to "no" in sshd_config and restart sshd
- Add the pam_chroot line to /etc/pam.d/ssh as well as /etc/pam.d/login.
- Make sure there's a /tmp dir in your chroot. If not, create it: mkdir -m 1777 $CHROOTDIR/tmp
Make sure you have the libs to execute your shell inside the chroot. A bit of a barbarian way to do that (adapt to your shell) is:
cp $(ldd /bin/bash | sed -e "s/.* => \([^\)]*\) .*/\1/") $CHROOTDIR/lib/
If you need to debug:
- Turn on debug in the pam_chroot line of /etc/pam.d/ssh. This will display the debug messages in /var/log/auth.log on Debian.
- Turn on debug in sshd ('SSHD_OPTS="-d"' in /etc/default/ssh) and restart sshd.
- Run your ssh client in verbose mode (ssh -v).
- Check the logs inside the chroot too, if you have syslogging on.
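A less barbarian version of the library-copying step, added here as an example and not part of the original post: a POSIX sh helper that parses ldd output, skips the vdso and "not found" lines the one-liner passes straight through to cp, and recreates each library's directory under the chroot root. The names ldd_paths and install_into_chroot are my own; it assumes ldd is available and that $CHROOTDIR from the steps above is the root you pass in.

```shell
# Added example, not from the original post: a sturdier version of the
# library-copying step. ldd prints three kinds of line:
#   linux-vdso.so.1 (0x...)                               virtual, nothing to copy
#   libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x...)  path is field 3
#   /lib64/ld-linux-x86-64.so.2 (0x...)                   loader, path is field 1
# The one-liner's sed leaves the first and third shapes untouched, so cp ends
# up with arguments like "(0x00007f...)". This filters them and keeps the
# directory layout so the loader lands where the binary expects it.

# Read ldd output on stdin, print one absolute library path per line.
ldd_paths() {
    awk '
        /=>/ && $3 ~ /^\// { print $3; next }  # "name => /path (addr)"
        $1 ~ /^\//         { print $1 }        # "/path (addr)", the dynamic loader
                                               # vdso, "not found" and "statically linked" fall through
    '
}

# Copy a binary plus every library ldd reports for it under the chroot root $1.
# Assumes ldd is available; $CHROOTDIR from the post is the expected $1.
install_into_chroot() {
    root=$1
    bin=$2
    ldd "$bin" | ldd_paths | while IFS= read -r lib; do
        mkdir -p "$root$(dirname "$lib")"
        cp -L "$lib" "$root$lib"   # -L follows symlinks so the real object lands in the jail
    done
    mkdir -p "$root$(dirname "$bin")"
    cp -L "$bin" "$root$bin"
}

# Usage: install_into_chroot "$CHROOTDIR" /bin/bash
```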