LinuxQuestions.org

saifkhan123 09-13-2009 11:44 PM

openssh and sftp problem
 
I am running OpenSSH 5.2 with CentOS 5.2. The problem is that I have restricted the users to sftp only, using "Force Command" with a Match block, and those users are not able to log in to the shell through ssh. Now the problem is that users are not able to log in to the shell even if I comment out the "Force Command", as I want some of the sftp users (not all) to log in to the shell. Some of my ssh options are as follows:

the previous config was
Code:

# override default of no subsystems
Subsystem      sftp    internal-sftp

Match Group sftpusers
    ChrootDirectory /chroot
    AllowTCPForwarding no
    X11Forwarding no
    ForceCommand internal-sftp

current config
Code:

# override default of no subsystems
Subsystem      sftp    internal-sftp

Match Group sftpusers
    ChrootDirectory /chroot
    AllowTCPForwarding no
    X11Forwarding no
#ForceCommand internal-sftp

When I try to log in and give the password, the window is closed; /var/log/messages says:
Code:

sshserver sshd[2499]: Accepted password for test from 10.0.0.54 port 2683 ssh2

One more thing: all the sftp users have their home directory set to /chroot, to which they are chrooted on sftp login, and the directory is owned by user "root" and group "root" (which is necessary for chrooting). Any suggestions?

chrism01 09-13-2009 11:52 PM

Quote:

sshd reads its configuration file at startup. Therefore, if you modify the file while the server is running, the changes don't affect the server. You must force the server to reread the file in order to accept the changes. This is done by sending a SIGHUP signal to the server process.
Have you re-started the server?

saifkhan123 09-13-2009 11:53 PM

Of course

Ya, of course I have restarted the server.

prasanta 09-14-2009 11:26 AM

This link might be useful,

http://www.debian-administration.org/articles/590

Regards,

--
Prasanta

saifkhan123 09-15-2009 01:52 AM

@prasanta
 
Well, thanks for the link, but actually it didn't help me much, as I am already running sftp successfully with chrooting. I am just facing the problem that chroot is not working when I try to log in to the shell. It may be a bug in OpenSSH 5.2-p1. One doubt I have is about using this line before the Match block:

Code:

# override default of no subsystems
Subsystem sftp internal-sftp

Is it just calling internal-sftp and not allowing shell login? But on the other hand, when I omit the line "ChrootDirectory" from the Match block, everything works fine. Any ideas about that?
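
The sshd_config(5) entry for ChrootDirectory states that an interactive session inside the chroot needs at least a shell and basic /dev nodes, and that every component of the path must be root-owned and not writable by group or others. The following is an added example, not part of any post in this thread: a shell function (the name `chroot_shell_gaps` and its messages are hypothetical) that lists what a directory such as /chroot lacks for shell logins.

```shell
#!/bin/sh
# Added example: list what an sshd ChrootDirectory lacks for interactive logins.
# The function name and message wording are made up for this sketch.
#
# chroot_shell_gaps ROOT SHELL
#   ROOT   value of ChrootDirectory, absolute path (e.g. /chroot)
#   SHELL  login shell from /etc/passwd (e.g. /bin/sh)
# Prints one line per problem; returns 0 only when none were found.
chroot_shell_gaps() {
    root=$1 shell=$2 gaps=0
    [ -d "$root" ] || { echo "missing: $root is not a directory"; return 1; }

    # sshd requires every path component to be root-owned and not
    # writable by group or others.
    p=$root
    while :; do
        if [ -n "$(find "$p" -prune \( ! -user root -o -perm -020 -o -perm -002 \))" ]; then
            echo "perm: $p must be root-owned and not group/world-writable"
            gaps=$((gaps + 1))
        fi
        case $p in /|.) break ;; esac
        p=$(dirname "$p")
    done

    # The login shell must exist inside the chroot. A dynamically linked
    # shell also needs its libraries there (not checked here).
    if [ ! -x "$root$shell" ]; then
        echo "shell: $root$shell missing or not executable"
        gaps=$((gaps + 1))
    fi

    # Device nodes the man page lists for interactive sessions.
    for dev in null zero tty; do
        [ -c "$root/dev/$dev" ] || {
            echo "dev: $root/dev/$dev is not a character device"
            gaps=$((gaps + 1))
        }
    done
    for dev in stdin stdout stderr; do
        [ -e "$root/dev/$dev" ] || [ -L "$root/dev/$dev" ] || {
            echo "dev: $root/dev/$dev missing"
            gaps=$((gaps + 1))
        }
    done

    [ "$gaps" -eq 0 ]
}

# Run as: sh thisfile.sh /chroot /bin/sh
if [ $# -eq 2 ]; then chroot_shell_gaps "$1" "$2"; fi
```

A chroot that passes for `internal-sftp` can still report `shell:` and `dev:` lines here, because the in-process SFTP server needs no files inside the chroot while a shell session does.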