[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] SFTP Jail closes connection after login
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] SFTP Jail closes connection after login |
Date: |
Mon, 05 Mar 2007 23:58:27 +0100 |
User-agent: |
Icedove 1.5.0.9 (X11/20061220) |
Ari Karhu wrote:
> Tried to read old mails, but I'm still not able to make the system work.
> Idea is to provide only sftp/scp access to a user. My os uses syslog-ng
> for logging so I'm not using jk_socketd. The syslog-ng is configured to
> create a /dev/log into the jail.
>
> The system log looks like this when logging in with sftp:
> -----
> Mar 5 16:25:01 crapbox sshd[7429]: Accepted keyboard-interactive/pam
> for test from xxx.xxx.xxx.xxx port 57361 ssh2
> Mar 5 16:25:01 crapbox sshd(pam_unix)[7434]: session opened for user
> test by (uid=0)
> Mar 5 16:25:01 crapbox sshd[7434]: subsystem request for sftp
> Mar 5 16:25:01 crapbox jk_chrootsh[7435]: now entering jail
> /var/www/test for user test (1001)
> Mar 5 14:25:01 crapbox jk_lsh[7435]: jk_lsh version 2.3, started
> Mar 5 14:25:01 crapbox jk_lsh[7435]: executing command
> '/usr/lib/misc/sftp-server' for user test (1001)
> Mar 5 16:25:01 crapbox sshd(pam_unix)[7434]: session closed for user test
this looks 100% good, it seems to be the sftp-server process that closes
the connection.. If jk_lsh fails to execute sftp-server it would log
something like "WARNING: running /usr/lib/misc/sftp-server failed for
user test (1001): Permission denied", but it doesn't, so I assume
sftp-server is started correctly.
which sftp client are you using?
> /var/www/test/etc/jailkit/jk_lsh.ini:
> [test]
> paths= /usr/bin, /usr/lib/misc
> executables= /usr/bin/scp, /usr/lib/misc/sftp-server
> allow_word_expansion = 0
since you allow scp as well, can you copy files by scp to account 'test'?
regards,
Olivier