LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-23-2011, 12:33 AM   #1
kjsubbu
Member
 
Registered: Apr 2003
Location: india
Posts: 73

Rep: Reputation: 15
SFTP jail Users Password updation


Hi to all,
I have configured the SFTP Jail for some of the users in my sftp server and which is hosted for my clients.
i have one small issues and i need the help from experts.
when i am resting the password it's updating in /etc/shadow file not in the /../jajil/etc/shadow file.
can you please help me how to update the password in /../jail/etc/shadow file instead of updating in /etc/shadow file.
 
Old 03-23-2011, 04:11 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
A few ideas come to mind, in order of attractiveness (to me):
  • If your distro / version allows it, you could utilize the baked-in sftp server (+Match +ChrootDirectory) available in OpenSSH. Then, when you make sftp user password updates, they'll take system-wide.
  • You could create a "change password" script that accepts/audits a user account argument, and then 1) runs it through passwd(1); 2) carefully backs up the jailed shadow(5) file, then copies the shadow(5) file from host to jail, preserving permissions.
  • You could put the passwd(1) program and its libraries within the jail as well, and always change passwords in two places. (Ugh.)
 
Old 03-24-2011, 12:20 AM   #3
kjsubbu
Member
 
Registered: Apr 2003
Location: india
Posts: 73

Original Poster
Rep: Reputation: 15
Thanks anomie for your reply,
ya i did the same only, i wrote the small script to place the password and account expire details in to /../jail/etc/shadow file.
unfortantely the script is copying the other or unwanted user details also, like root user details also in /../jail/etc/shadow file.
Now i have another question...
/../jail/etc/shadow file having root users details will create any issue...
 
Old 03-24-2011, 04:05 PM   #4
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Just curious - what sort of jail kit is this? And are you sure you can't use the OpenSSH approach I mentioned above?

As for copying shadow(5) entries, here's one way to grab only the lines you want:
Code:
# egrep '^user1:|^user2:|^user3:' /etc/passwd > /path/to/jail/etc/passwd
# egrep '^user1:|^user2:|^user3:' /etc/shadow > /path/to/jail/etc/shadow
(Be careful with that. Test it before using it on a production system.)

Last edited by anomie; 03-24-2011 at 04:06 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Getting SFTP logs from a chroot jail beairstos Linux - Server 1 10-01-2009 09:20 AM
Chroot jail for sftp, Solaris 10, OpenSSH_5.1p1 saskak Solaris / OpenSolaris 1 12-14-2008 10:31 PM
User Creationg : ssh/sftp user jail to $HOME only routers Solaris / OpenSolaris 2 10-30-2007 12:28 AM
sftp chroot jail, not able to find lib files drolic Linux - Security 3 11-23-2005 12:57 PM
chroot jail sftp users f1uke Linux - Security 1 07-28-2003 11:29 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:43 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration