[scponly] RHEL5 x86_64 scponly problem

Gary Autiello gautiello at dominiondiagnostics.com
Thu Oct 28 13:35:27 EDT 2010 


Hello All,

We currently have scponly-4.0 running on a old RHEL 4.8 server that we wish
to migrate to a RHEL 5.4 x86_64 bit system.  We downloaded the latest
binaries and compiled with:

./configure --enable-chrooted-binary

Everything seemed smooth.  We ran the make jail script and created the
user.  It was when we tried to connect to the new server as the jailed user
where we are noticing that we cannot connect and immediately get dumped.
With debugging set to default level, what we see in the secure log is:

ct 28 13:15:04 garytest139 sshd[32403]: pam_unix(sshd:session): session
closed for user garytest
Oct 28 13:15:09 garytest139 sshd[32422]: Accepted password for garytest
from 192.168.1.43 port 49384 ssh2
Oct 28 13:15:09 garytest139 sshd[32422]: pam_unix(sshd:session): session
opened for user garytest by (uid=0)
Oct 28 13:15:09 garytest139 sshd[32424]: subsystem request for sftp
Oct 28 17:15:09 garytest139 scponly[32425]:
running: /usr/libexec/openssh/sftp-server -l INFO -f LOCAL6 (username:
garytest(813), IP/port: 192.168.1.43 49384 22)
Oct 28 17:15:09 garytest139 scponly[32425]:
failed: /usr/libexec/openssh/sftp-server -l INFO -f LOCAL6 with error No
such file or directory(2) (username: garytest(813), IP/port: 192.168.1.43
49384 22)

When we set the debuggin level to 2, we saw no errors at all.  I read in
the archives that debug level could break scponly so I put back to 0.  I
also read somewhere that I needed to create a dev/null instance in the
chrooted environment for the user, but that did not help as well.

I've been researching for the past two days and haven't been able to get
this working.  If anyone could please help, I'd greatly appreciate.  We
want to migrate to this new server asap.

Thank you!
______________________________________
Gary Autiello, Network +, MCITP
Network Administrator
Dominion Diagnostics, LLC
x886, 401-667-0886

CONFIDENTIALITY NOTICE: This e-mail, including attachments,
is for the sole use of the individual to whom it is addressed
This message is confidential and may contain information that
is privileged, confidential and is exempt from disclosure under
applicable law. Any unauthorized review, use, disclosure or
distribution is prohibited. If you have received this e-mail
in error, please notify the sender by reply e-mail and destroy
this message and its attachments

-------------- next part --------------
HTML attachment scrubbed and removed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2C015748.jpg
Type: image/jpeg
Size: 5238 bytes
Desc: not available
Url : http://lists.ccs.neu.edu/pipermail/scponly/attachments/20101028/a1919ec5/attachment.jpg

More information about the scponly mailing list