[scponly] Antw: Re: Problem with Suse Linux Enterpise Server 10SP1

demo at itmanagement.net demo at itmanagement.net
Fri Aug 3 14:51:37 EDT 2007 

If you use vsftpd you do not need a chrooted shell at all. Use
(/usr)/sbin/nologin or /bin/false as shell and enable following in
vsftpd.conf


chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
userlist_enable=Yes
userlist_deny=NO
userlist_file=/etc/vsftpd.userlist_file

only ftp_users should be listed in userlist and the chrooted users in
chrootlist. The user is chrooted to its home directory

/ramses


> Hi,
> ok, now I got logging working, but....
> Logging in using ftp (that is, what's not working) will do no entry for
> scponly in the log.
> But the vsftpd log says:
>
> Fri Aug  3 16:47:42 2007 [pid 21635] FTP response: Client "212.18.86.73",
> "220 (vsFTPd 2.0.4)"
> Fri Aug  3 16:47:42 2007 [pid 21635] FTP command: Client "212.18.86.73",
> "USER testscp"
> Fri Aug  3 16:47:42 2007 [pid 21635] [testscp] FTP response: Client
> "212.18.86.73", "331 Please specify the password."
> Fri Aug  3 16:47:42 2007 [pid 21635] [testscp] FTP command: Client
> "212.18.86.73", "PASS <password>"
> Fri Aug  3 16:47:42 2007 [pid 21634] [testscp] FAIL LOGIN: Client
> "212.18.86.73"
> Fri Aug  3 16:47:42 2007 [pid 21635] [testscp] FTP response: Client
> "212.18.86.73", "530 Login incorrect."
> Fri Aug  3 16:47:48 2007 [pid 21635] FTP command: Client "212.18.86.73",
> "QUIT"
> Fri Aug  3 16:47:48 2007 [pid 21635] FTP response: Client "212.18.86.73",
> "221 Goodbye."
>
> As soon as I change the shell for the user in the /etc/passwd to /bin/bash
> rather than /....scponly I can login using ftp.
> Also using SLES10 without SP1 is working with scponly as shell! So it
> seems to happen with packages coming with SLES10SP1.
> Axel
>
>>>> Kaleb Pederson <kibab at icehouse.net> 03.08.2007 02:42 >>>
> On Thursday 02 August 2007, Axel Schneck (axel at schnecken-clan.de) wrote:
>> I tried to enable debugging as described in the howto but there will
>> nothing be logged to the /var/log/messages
>
> Depending on how your logger is setup, it could easily go somewhere else.
> I've typically seen it in the following locations:
>
> /var/log/messages
> /var/log/auth.log
> /var/log/secure
>
> It's also possible that it's going nowhere, although less likely.  You
> might
> try grepping for 'scponly' in your log directory to see if it's in a
> different file.
>
> Thanks.
>
> --Kaleb
>
>> Regards,
>> Axel_______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>

More information about the scponly mailing list