jailkit-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] SFTP Jail closes connection after login


From: Olivier Sessink
Subject: Re: [Jailkit-users] SFTP Jail closes connection after login
Date: Mon, 05 Mar 2007 23:58:27 +0100
User-agent: Icedove 1.5.0.9 (X11/20061220)

Ari Karhu wrote:
> Tried to read old mails, but I'm still not able to make the system work.
> Idea is to provide only sftp/scp access to a user. My os uses syslog-ng
> for logging so I'm not using jk_socketd. The syslog-ng is configured to
> create a /dev/log into the jail.
> 
> The system log looks like this when logging in with sftp:
> -----
> Mar  5 16:25:01 crapbox sshd[7429]: Accepted keyboard-interactive/pam
> for test from xxx.xxx.xxx.xxx port 57361 ssh2
> Mar  5 16:25:01 crapbox sshd(pam_unix)[7434]: session opened for user
> test by (uid=0)
> Mar  5 16:25:01 crapbox sshd[7434]: subsystem request for sftp
> Mar  5 16:25:01 crapbox jk_chrootsh[7435]: now entering jail
> /var/www/test for user test (1001)
> Mar  5 14:25:01 crapbox jk_lsh[7435]: jk_lsh version 2.3, started
> Mar  5 14:25:01 crapbox jk_lsh[7435]: executing command
> '/usr/lib/misc/sftp-server' for user test (1001)
> Mar  5 16:25:01 crapbox sshd(pam_unix)[7434]: session closed for user test

this looks 100% good, it seems to be the sftp-server process that closes
the connection.. If jk_lsh fails to execute sftp-server it would log
something like "WARNING: running /usr/lib/misc/sftp-server failed for
user test (1001): Permission denied", but it doesn't, so I assume
sftp-server is started correctly.

which sftp client are you using?

> /var/www/test/etc/jailkit/jk_lsh.ini:
> [test]
> paths= /usr/bin, /usr/lib/misc
> executables= /usr/bin/scp, /usr/lib/misc/sftp-server
> allow_word_expansion = 0

since you allow scp as well, can you copy files by scp to account 'test'?

regards,
        Olivier





reply via email to

[Prev in Thread] Current Thread [Next in Thread]