[scponly] trouble logging in to scponly v.4.8 user using sftp
Kaleb Pederson
kaleb.pederson at gmail.com
Thu Apr 10 22:10:48 EDT 2008
On Thursday 10 April 2008, Formal Disorder wrote:
> I am wondering where I went wrong. I have created an scponly user with
> the following procedure. However, I am unable to login over sftp as the
> new created 'make jail' user. I am using OpenBSD 4.2 with Apache 1.3.9
> in a chroot of /var/www
The make jail script doesn't handle everything necessary for OpenBSD, so
unless you have manually tried to fix the chroot, it's not going to work out
of the box :(.
I'd recommend you grab jailkit and use it to configure the chroot:
http://olivier.sessink.nl/jailkit/index.html
It provides some instructions specifically for setting up sftp/scp, so that's
probably a good starting point. Aside from setting the shell appropriately
and not needing to have /srv/sftpjail/etc/jailkit/jk_lsh.ini configured, it's
basically exactly what you need:
http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html
If you still can't get it figured out, there are some instructions on the FAQ
that would tell you how to trace through the process, to better figure out
what's going on... but it's certainly non-trivial.
Let us know if you run into problems.
I supposes there's one other thing to confirm. You should probably enable
logging (echo 1 > $INSTALLPATH/etc/scponly/debuglevel) and verify that the
scponlyc shell is indeed executing the sftp-server. If it's not, then you
you'll need to figure that out before bothering with the above.
Thanks.
--Kaleb
More information about the scponly
mailing list