Thread: Problem setting up rssh
Brought to you by:
xystrus
Menu
▾
▴
rssh-discuss
|
From: Robert M. <rob...@ya...> - 2003-12-04 04:37:52
|
Some of the names in this file have been change for
security reasons...
Linux machine 2.4.20-13.9 #1 Mon May 12 10:55:37 EDT
2003 i686 i686 i386 GNU/Linux
> rpm -qa | grep openssh
openssh-clients-3.5p1-6
openssh-3.5p1-6
openssh-server-3.5p1-6
I installed rssh-2.1.1-1.RH9.i386.rpm.
The entry in /etc/rssh.conf:
user=hiduser:002:11:/var/spool/ftp/dir
#!/bin/sh
mkdir -p /var/spool/ftp/dir
cd /var/spool/ftp/dir
for i in /usr/bin/scp /usr/libexec/openssh/sftp-server
/usr/libexec/rssh_chroot_helper; do
tar -cBf - $i | tar -xBvf -
tar -cBf - `ldd $i | awk '{ print $3 }'` | tar -xBvf
-
done
tar -cBf - /etc/passwd /etc/ld.so*
/lib/libnss_files.so.? | tar -xBvf -
mkdir dev
When I try to sftp to the machine I get:
Dec 3 21:11:39 machine sshd(pam_unix)[7748]: session
opened for user hiduser by (uid=3004)
Dec 3 21:11:39 machine rssh[7749]: setting log
facility to LOG_USER
Dec 3 21:11:39 machine rssh[7749]: setting umask to
022
Dec 3 21:11:39 machine rssh[7749]: line 41:
configuring user hiduser
Dec 3 21:11:39 machine rssh[7749]: setting hiduser's
umask to 02
Dec 3 21:11:39 machine rssh[7749]: allowing scp to
user hiduser
Dec 3 21:11:39 machine rssh[7749]: allowing sftp to
user hiduser
Dec 3 21:11:39 machine rssh[7749]: chrooting hiduser
to /var/spool/ftp/dir
Dec 3 21:11:39 machine rssh[7749]: chroot cmd line:
/usr/libexec/rssh_chroot_helper "/var/spool/ftp/dir" 2
"/" /usr/libexec/openssh/sftp-server
Dec 3 21:11:39 machine sshd(pam_unix)[7748]: session
closed for user hiduser
Dec 4 05:11:39 machine rssh_chroot_helper[7749]: new
session for hiduser, UID=3004
Dec 4 05:11:39 machine rssh_chroot_helper[7749]:
execv() failed, /usr/libexec/openssh/sftp-server: No
such file or directory
The file
/var/spool/ftp/dir/usr/libexec/openssh/sftp-server
exists.
What have I done wrong?
__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/
|
|
From: Robert M. <rob...@ya...> - 2003-12-09 20:18:29
|
Some of the names in this file have been change for
security reasons...
Linux machine 2.4.20-13.9 #1 Mon May 12 10:55:37 EDT
2003 i686 i686 i386 GNU/Linux
> rpm -qa | grep openssh
openssh-clients-3.5p1-6
openssh-3.5p1-6
openssh-server-3.5p1-6
I installed rssh-2.1.1-1.RH9.i386.rpm.
The entry in /etc/rssh.conf:
user=hiduser:002:11:/var/spool/ftp/dir
#!/bin/sh
mkdir -p /var/spool/ftp/dir
cd /var/spool/ftp/dir
for i in /usr/bin/scp /usr/libexec/openssh/sftp-server
/usr/libexec/rssh_chroot_helper; do
tar -cBf - $i | tar -xBvf -
tar -cBf - `ldd $i | awk '{ print $3 }'` | tar -xBvf
-
done
tar -cBf - /etc/passwd /etc/ld.so*
/lib/libnss_files.so.? | tar -xBvf -
mkdir dev
When I try to sftp to the machine I get:
Dec 3 21:11:39 machine sshd(pam_unix)[7748]: session
opened for user hiduser by (uid=3004)
Dec 3 21:11:39 machine rssh[7749]: setting log
facility to LOG_USER
Dec 3 21:11:39 machine rssh[7749]: setting umask to
022
Dec 3 21:11:39 machine rssh[7749]: line 41:
configuring user hiduser
Dec 3 21:11:39 machine rssh[7749]: setting hiduser's
umask to 02
Dec 3 21:11:39 machine rssh[7749]: allowing scp to
user hiduser
Dec 3 21:11:39 machine rssh[7749]: allowing sftp to
user hiduser
Dec 3 21:11:39 machine rssh[7749]: chrooting hiduser
to /var/spool/ftp/dir
Dec 3 21:11:39 machine rssh[7749]: chroot cmd line:
/usr/libexec/rssh_chroot_helper "/var/spool/ftp/dir" 2
"/" /usr/libexec/openssh/sftp-server
Dec 3 21:11:39 machine sshd(pam_unix)[7748]: session
closed for user hiduser
Dec 4 05:11:39 machine rssh_chroot_helper[7749]: new
session for hiduser, UID=3004
Dec 4 05:11:39 machine rssh_chroot_helper[7749]:
execv() failed, /usr/libexec/openssh/sftp-server: No
such file or directory
The file
/var/spool/ftp/dir/usr/libexec/openssh/sftp-server
exists.
What have I done wrong?
__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/
|
|
From: Derek M. <co...@pi...> - 2003-12-10 05:58:23
|
On Tue, Dec 09, 2003 at 12:18:26PM -0800, Robert Minsk wrote: [BIG SNIP] > The file > /var/spool/ftp/dir/usr/libexec/openssh/sftp-server > exists. > > What have I done wrong? Robert, I've looked at your description of what you did to set up your jail, and I don't see anything obviously wrong. However, odds are good that you've missed some important library somewhere. That is almost always the problem. Your configuration looks fine. All I can really say about it is to reiterate what I said in the CHROOT documentation: setting up a chroot jail is complicated, and very much system-dependent. So I really can't provide any better explanation as to what you may have done wrong. Ultimately, I can't support chroot jail configurations. Sorry I can't be of any more help... Derek -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D |
|
From: Frederik K. <rs...@fk...> - 2011-09-16 10:17:33
|
Hi, I am having problems setting up rssh. I have created a chroot Environment for the user, containing all the commands and libraries needed as described in the 'CHROOT' file. However there seems to be a problem in identifying the 'sftp-server' command as allowed. <begin /etc/rssh.conf> logfacility = LOG_USER umask = 022 user=BSG-1668:022:00011:/chroot/BSG-1668 <end /etc/rssh.conf> This is what I get in syslog when trying to connect using sftp with this user: <begin /var/log/messeges snippet> Sep 14 15:40:49 iGor rssh[953]: setting log facility to LOG_USER Sep 14 15:40:49 iGor rssh[953]: setting umask to 022 Sep 14 15:40:49 iGor rssh[953]: user bsg-1668 attempted to execute forbidden commands Sep 14 15:40:49 iGor rssh[953]: command: /usr/libexec/openssh/sftp-server <end /var/log/messages snippet> Any ideas as to why this command is 'forbidden' would be appreciated. Here some extra information: It is a Gentoo Linux Server. Kernel v2.6.34-xen (64bit) rssh v2.3.3 openssh v5.6_p1-r2 Every bit of software was compiled on the machine itself. Kind regards Frederik Klama |
|
From: Derek M. <co...@pi...> - 2011-09-16 21:23:20
|
Try running rssh -v... On Fri, Sep 16, 2011 at 11:50:22AM +0200, Frederik Klama wrote: > Hi, > > I am having problems setting up rssh. > I have created a chroot Environment for the user, containing all the > commands > and libraries needed as described in the 'CHROOT' file. > However there seems to be a problem in identifying the 'sftp-server' command > as allowed. > > <begin /etc/rssh.conf> > logfacility = LOG_USER > umask = 022 > user=BSG-1668:022:00011:/chroot/BSG-1668 > <end /etc/rssh.conf> > > This is what I get in syslog when trying to connect using sftp with this > user: > <begin /var/log/messeges snippet> > Sep 14 15:40:49 iGor rssh[953]: setting log facility to LOG_USER > Sep 14 15:40:49 iGor rssh[953]: setting umask to 022 > Sep 14 15:40:49 iGor rssh[953]: user bsg-1668 attempted to execute > forbidden commands > Sep 14 15:40:49 iGor rssh[953]: command: /usr/libexec/openssh/sftp-server > <end /var/log/messages snippet> > > Any ideas as to why this command is 'forbidden' would be appreciated. > > Here some extra information: > It is a Gentoo Linux Server. > Kernel v2.6.34-xen (64bit) > rssh v2.3.3 > openssh v5.6_p1-r2 > Every bit of software was compiled on the machine itself. > > Kind regards > Frederik Klama > ------------------------------------------------------------------------------ > BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA > http://p.sf.net/sfu/rim-devcon-copy2 > _______________________________________________ > rssh-discuss mailing list > rss...@li... > https://lists.sourceforge.net/lists/listinfo/rssh-discuss -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D |
Thanks for helping keep SourceForge clean.
X