[scponly] Fedora Core 5
Bo Bruen
es.photography at hotmail.com
Thu Oct 19 15:33:44 EDT 2006
I have searched the archives and though the question has been asked I
haven't been able to find a response. So here goes...
I am running Fedora Core 5 on a 64bit system (if that is significant) and am
attempting to create a sftp site which will strictly control our clients
access to the system.
I installed scponly as follows
./configure --enabled-chrooted-binary --disable-scp-compt
--disable-winscp-compt
make
make install
make jail
I used the defaults for the jail
I then make a user:
adduser -s /usr/local/sbin/scponlyc scpdemo
gave it a password and tried to login via sftp from the localhost and from a
seperate system. Both instances gave the same errors.
The following is from /var/log/security with scponly set to debug level 1:
Oct 19 14:39:11 linuxhost1 sshd[15204]: Accepted password for scpdemo from
10.0.0.100 port 50806 ssh2
Oct 19 14:39:11 linuxhost1 sshd[15206]: pam_unix(sshd:session): session
opened for user scpdemo by (uid=0)
Oct 19 14:39:12 linuxhost1 sshd[15206]: subsystem request for sftp
Oct 19 14:39:12 linuxhost1 scponly[15207]: chrooted binary in place, will
chroot()
Oct 19 14:39:12 linuxhost1 scponly[15207]: 3 arguments in total.
Oct 19 14:39:12 linuxhost1 scponly[15207]: arg 0 is scponlyc
Oct 19 14:39:12 linuxhost1 scponly[15207]: arg 1 is -c
Oct 19 14:39:12 linuxhost1 scponly[15207]: arg 2 is
/usr/libexec/openssh/sftp-server
Oct 19 14:39:12 linuxhost1 scponly[15207]: opened log at LOG_AUTHPRIV, opts
0x00000029
Oct 19 14:39:12 linuxhost1 scponly[15207]: retrieved home directory of
"/home/scpdemo" for user "scpdemo"
Oct 19 14:39:12 linuxhost1 scponly[15207]: chrooting to dir: "/home/scpdemo"
Oct 19 14:39:12 linuxhost1 scponly[15207]: chdiring to dir: "/"
Oct 19 18:39:12 linuxhost1 scponly[15207]: setting uid to 508
Oct 19 18:39:12 linuxhost1 scponly[15207]: processing request:
"/usr/libexec/openssh/sftp-server"
Oct 19 18:39:12 linuxhost1 scponly[15207]: running:
/usr/libexec/openssh/sftp-server (username: scpdemo(508), IP/port:
10.0.0.100 50806 22)
Oct 19 18:39:12 linuxhost1 scponly[15207]: failed:
/usr/libexec/openssh/sftp-server with error Permission denied(13) (username:
scpdemo(508), IP/port: 10.0.0.100 50806 22)
Oct 19 14:39:13 linuxhost1 sshd[15206]: pam_unix(sshd:session): session
closed for user scpdemo
In the likely event that I miss read or misunderstood the instructions and
tried a variety of direcotry configurations with no changes in the error
message save the directory locations. Any help would be appreciated.
--Bo
_________________________________________________________________
Use your PC to make calls at very low rates
https://voiceoam.pcs.v2s.live.com/partnerredirect.aspx
More information about the scponly
mailing list