[scponly] Fedora Core 5

Kaleb Pederson kibab at icehouse.net
Tue Jun 27 00:49:54 EDT 2006 

Can you turn on scponly debug mode?  You should be able to do that by doing 
the following:

echo 1 > $install_prefix/etc/scponly/debuglevel

After you have turned on debugging mode, please send us the additional syslog 
information.  Depending on how your syslog daemon is configured, you might 
need to change it's configuration.

--Kaleb

On Monday 26 June 2006 7:12 am, Stephen Sankarsingh wrote:
> Sorry if this has been asked before, I couldn't find the solution to
> this problem in the forum.
>
> I had been using scponly with the chrooted binary on WhiteBox Linux
> (based on RHEL 4) to grant my users access to my site.  All I needed to
> do was run the "make jail" script for a particular user and it just
> worked. Recently, I "upgraded" to Fedora Core 5 since the update servers
> were more reliable than WBL, now when I try to create a jailed user with
> the "make jail" script, I am prompted for the password then get
> "connection closed" immediately afterwards.
>
> This is the output from '/var/log/secure' after issuing the command,
> "sftp test at localhost":
>
>
> Jun 26 09:57:17 server sshd[2208]: Accepted password for test from
> 127.0.0.1 port 39589 ssh2
> Jun 26 13:57:17 server sshd[2209]: Accepted password for test from
> 127.0.0.1 port 39589 ssh2
> Jun 26 09:57:17 server sshd[2210]: pam_unix(sshd:session): session
> opened for user test by (uid=0)
> Jun 26 09:57:17 server sshd[2210]: subsystem request for sftp
> Jun 26 13:57:18 server scponly[2211]: running:
> /usr/libexec/openssh/sftp-server (username: test(501), IP/port:
> 127.0.0.1 39589 22)
> Jun 26 09:57:18 server sshd[2210]: pam_unix(sshd:session): session
> closed for user test
>
>
>
> When I try this in debug mode, I see that the error given is 'exit
> status 1'
>
> If on the other hand, I simply change the user's shell to scponly in
> '/etc/passwd', it works but then they aren't chrooted and I would prefer
> if they were chrooted.
>
> Is there any easy way to fix this? This script was extremely convenient
> when it worked :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20060627/da80b379/attachment.bin

More information about the scponly mailing list