LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-13-2009, 11:44 PM   #1
saifkhan123
Member
 
Registered: Apr 2009
Distribution: Red Hat/CentOS
Posts: 108

Rep: Reputation: 19
openssh and sftp problem


i am running OpenSSH 5.2 with CentOS 5.2, the problem is that i have restricted the users to the sftp only using "Force Command" with Match Block, and those users are not able to login to the shell through ssh, now the problem is that users are not able to login to the shell even if i comment out the "Force Command", as i want some of the sftp users (not all) to login to the shell, some of my ssh options are as follows

the previous config was
Code:
# override default of no subsystems
Subsystem       sftp    internal-sftp

Match Group sftpusers
    ChrootDirectory /chroot
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp
current config
Code:
# override default of no subsystems
Subsystem       sftp    internal-sftp

Match Group sftpusers
    ChrootDirectory /chroot
    AllowTCPForwarding no
    X11Forwarding no
#ForceCommand internal-sftp
when i try to login and give password, the window is closed, the /var/log/messages says that
Code:
sshserver sshd[2499]: Accepted password for test from 10.0.0.54 port 2683 ssh2
one more thing is that, all the sftp user has there home directory /chroot, to which they are chrooted on sftp login, and directory is owned by user "root" and group "root" (which is necessary for chrooting)..........any suggestions??
 
Old 09-13-2009, 11:52 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Quote:
sshd reads its configuration file at startup. Therefore, if you modify the file while the server is running, the changes don't affect the server. You must force the server to reread the file in order accept the changes. This is done by sending a SIGHUP signal to the server process.
Have you re-started the server?
 
Old 09-13-2009, 11:53 PM   #3
saifkhan123
Member
 
Registered: Apr 2009
Distribution: Red Hat/CentOS
Posts: 108

Original Poster
Rep: Reputation: 19
ofcourse

ya ofcourse i have restarted the server
 
Old 09-14-2009, 11:26 AM   #4
prasanta
Member
 
Registered: Mar 2005
Location: India
Distribution: Debian
Posts: 368

Rep: Reputation: 37
This link might be useful,

http://www.debian-administration.org/articles/590

Regards,

--
Prasanta
 
Old 09-15-2009, 01:52 AM   #5
saifkhan123
Member
 
Registered: Apr 2009
Distribution: Red Hat/CentOS
Posts: 108

Original Poster
Rep: Reputation: 19
@prasanta

well....thanks for the link but actually it didnt help me much as i am already running sftp successfully with chrooting......just facing the problem that chroot is not working when i try to login to the shell....it may be the bug in OpenSSH 5.2-p1, one doubt i have is about using the line before Match Block

Code:
# override default of no subsystems
Subsystem sftp internal-sftp
is it just calling internal-sftp and not allowing shell login???but on the other hand, when i omit the line "ChrootDirectory" from Match Block...everything works fine....any ideas about that?

Last edited by saifkhan123; 09-15-2009 at 01:56 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
openssh sftp chrooting all users davidstvz Debian 1 05-30-2009 04:06 AM
Remote backup server: vsftpd/SSL or openssh/sftp or... ? krog Linux - Security 3 04-24-2006 11:50 PM
How do I use sftp to upload my web site? (no sftp tar command) johnMG Linux - Networking 6 06-21-2005 09:14 PM
dont want sftp on OpenSSH e1000 Linux - Software 3 12-08-2004 12:47 PM
Concepts/Security types/ Setup: OpenSSH/sshd/ssh/scp/sftp Caud Pong Linux - Security 5 09-23-2004 06:51 AM


All times are GMT -5. The time now is 11:51 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration