[scponly] changing passwords remotely over scponly .. what am I doing wrong ?

Ensel Sharon user at dhp.com
Tue Mar 7 12:00:57 EST 2006



On Tue, 7 Mar 2006, Kaleb Pederson wrote:

> The logging depends on how your syslog daemon is set up, but will
> typically show up in /var/log/messages.  As you have now turned on
> debugging, there should be quite a bit more information available in the
> logs.
> 
> You should see something indicating how scponly was called, what command
> is being issued, etc.


Ok, after adding *.*  /var/log/scponly  to syslog, I got:


Mar  7 08:51:23 hostname sshd[98862]: Accepted keyboard-interactive/pam for username from 10.10.10.7 port 56674 ssh2
Mar  7 08:51:23 hostname scponly[98866]: chrooted binary in place, will chroot()
Mar  7 08:51:23 hostname scponly[98866]: 3 arguments in total.
Mar  7 08:51:23 hostname scponly[98866]:        arg 0 is scponlyc
Mar  7 08:51:23 hostname scponly[98866]:        arg 1 is -c
Mar  7 08:51:23 hostname scponly[98866]:        arg 2 is passwd
Mar  7 08:51:23 hostname scponly[98866]: opened log at LOG_AUTHPRIV, opts 0x00000009
Mar  7 08:51:23 hostname scponly[98866]: retrieved home directory of "/usr/home" for user "username"
Mar  7 08:51:23 hostname scponly[98866]: chrooting to dir: "/usr/home"
Mar  7 08:51:23 hostname scponly[98866]: chdiring to dir: "/"
Mar  7 08:51:23 hostname scponly[98866]: setting uid to username
Mar  7 08:51:23 hostname scponly[98866]: processing request: "passwd"
Mar  7 08:51:23 hostname scponly[98866]: Found "HOME" and setting it to "/usr/home"
Mar  7 08:51:23 hostname scponly[98866]: Environment contains "HOME=/usr/home"
Mar  7 08:51:23 hostname scponly[98866]: set HOME environment variable to / username: username(username), IP/port: 10.10.10.7 56674 22
Mar  7 08:51:23 hostname scponly[98866]: running: /usr/bin/passwd (username: username(username), IP/port: 10.10.10.7 56674 22)


So that's that ... what do you think of it ?  Again, this was produced by
running this on the remote system:

# ssh -t username@hostname passwd
Password:
Changing local password for username
Connection to hostname closed.
#


Is there perhaps a hash file, or other mechanism within the chroot that
keeps track of all the binaries within the chroot, and simply copying in
`passwd` is not sufficient ?  Perhaps I need to somehow register the
addition of the passwd binary in the chroot somehow ?

thanks.



