[scponly] can't start sftp-server on Fedora Core 5

cjones at patriot.net cjones at patriot.net
Tue Mar 28 13:21:29 EST 2006


On Tue March 28 2006 11:36, Kaleb Pederson wrote:
> > I've compiled from source using ./configure
> > –enable-chrooted-binary – disable-scp-compat
> > –disable-winscp-compat
>
> I presume you mean ./configure --enable-chrooted-binary
> --disable-scp-compat --disable-winscp-compat?
>

I guess so - I'm afraid I don't see the difference between what I 
say and what you say? Is some character being displayed 
differently? Or am I missing the obvious? 

> > I've also tried compiling without the two disable switches
> > When I try to log in, I get past the password prompt but then
> > stall, eventually getting a message about a broken pipe
>
> Please turn on debugging and send us the output.  You should be
> able to:
>
> echo 1 > /path/to/install/etc/scponly/debuglevel
>
> Then you should get a bunch of extra debugging information in
> the appropriate syslog log.
>

OK - did this. I'm not sure I know what I'm supposed to be doing 
next: 
I tried 
[root at 78/]# chroot /home/jph /usr/libexec/openssh/sftp-server

[root at 78 /]# chroot /home/jph usr/libexec/openssh/sftp-server

These two yielded no response at all...

[root at 78 /]# su -
[root at 78 ~]# sftp jph at localhost
Connecting to localhost...
jph at localhost's password:
Connection closed

"Connection closed" without any indication why. These were done 
from my host. Then I tried from a remote machine and I got this:

ssh username at ipaddress
username at ipaddress's password:
Last login: *************************
/usr/bin/xauth: timeout in locking authority 
file /home/username/.Xauthority

> > If I try to log in locally, I get a message about /dev/null -
> > no such device Sorry about the imprecision
>
> I presume this is because you are using a chroot.  You will
> need to create the /dev/null device within the chroot: mknod
> /path/to/chroot/dev/null c 1 3
>

Done successfully.

> Sounds like you are on the right track.  If you can get us the
> additional debugging information, we should be better able to
> help.
>

Thanks for your time. 

-- 
Claude Jones
Bluemont, VA, USA



More information about the scponly mailing list