jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Jailkit-users] FEDORA 7 Install

From: Tom Fortier
Subject: RE: [Jailkit-users] FEDORA 7 Install
Date: Tue, 26 Jun 2007 14:54:12 -0700
Now that I have all of the ini files configed properly, should I try and re-create the jail now?ac
 

Thank You,

Tom Fortier
Zotec Partners, LLC
714.727.1030 Direct Phone
949.279.0337 Cell Phone

address@hidden

 

From: address@hidden [mailto:address@hidden On Behalf Of Tom Fortier
Sent: Tuesday, June 26, 2007 1:44 PM
To: address@hidden
Subject: RE: [Jailkit-users] FEDORA 7 Install

I already had everything as you suggested.  I'll look to see if I can find more libnss* files.
 

Thank You,

Tom Fortier
Zotec Partners, LLC
714.727.1030 Direct Phone
949.279.0337 Cell Phone

address@hidden

 

From: address@hidden [mailto:address@hidden On Behalf Of Tamakh
Sent: Tuesday, June 26, 2007 1:12 PM
To: address@hidden
Subject: Re: [Jailkit-users] FEDORA 7 Install

Ahh ok.  If you have the 32 flavor run the following jk_cp /home/jail /usr/lib/libnss*.so

I had jk_cp /home/jail /usr/lib64/libnss*.so in my instructions that I gave ya.

Also be sure with Fedora 7 that the /home/jail/etc/jailkit/jk_lsh.ini file points to the proper sftp-server. 

It should have:
executables = /usr/libexec/openssh/sftp-server

I think the default points to a different location.

I believe thats everything I changed... but its all a blur.



On 6/26/07, Tom Fortier <address@hidden> wrote:
I'm only running the 32bit version, should I even have a lib64 directory?  I will try and download all the libnss* lib's I can.  I followed your intructions about creating dev/null.  I also have dev/urandom and dev/log/.
 

Thank You,

Tom Fortier

Zotec Partners, LLC
714.727.1030 Direct Phone
949.279.0337 Cell Phone

address@hidden

 
From: jailkit-users-bounces+tfortier=address@hidden [mailto:address@hidden] On Behalf Of Tamakh
Sent: Tuesday, June 26, 2007 12:55 PM
To: address@hidden
Subject: Re: [Jailkit-users] FEDORA 7 Install

I had the same looking log when /home/jail/dev/null was not present also be sure that all your libnss*.so files are present in /home/jail/lib64.  I have 16 listed.  If they are not there, check /usr/lib64 to see if they are even installed. It all depends on your install of Fedora 7.



On 6/26/07, Tom Fortier <address@hidden> wrote:
Thanks Tam for the instructions.  I followed them to the "T" so I should
not be to far from success.  Here is a log copy of user=t3 trying to
sftp to server 172.16.12.126 .  I get stopped at successful
authentication.

Anymore ideas?

Tom




i Session 00025 established for session 172.16.12.126--sftp__t3
i SSH2Core version 4.3.0.407
i Connecting to 172.16.12.126:22 ...
i Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
i Using protocol SSH2
i RECV : Remote Identifier = "SSH-2.0-OpenSSH_4.5"
i CAP  : Remote can re-key
i CAP  : Remote sends language in password change requests
i CAP  : Remote sends algorithm name in PK_OK packets
i CAP  : Remote sends algorithm name in public key packets
i CAP  : Remote sends algorithm name in signatures
i CAP  : Remote sends error text in open failure packets
i CAP  : Remote sends name in service accept packets
i CAP  : Remote includes port number in x11 open packets
i CAP  : Remote uses 160 bit keys for SHA1 MAC
i CAP  : Remote supports new diffie-hellman group exchange messages
i CAP  : Remote correctly handles unknown SFTP extensions
i CAP  : Remote correctly encodes OID for gssapi
i CAP  : Remote correctly uses connected addresses in forwarded-tcpip
requests
i CAP  : Remote can do SFTP version 4
i CAP  : Remote x.509v3 uses ASN.1 encoding for DSA signatures
i GSS  : Requesting full delegation
i GSS : [Kerberos] SPN : address@hidden
i GSS : [Kerberos] Disabling gss mechanism
i GSS : [Kerberos] InitializeSecurityContext() failed.
i GSS : [Kerberos] The specified target is unknown or unreachable
i The following key exchange method has been filtered from the key
exchange method list because it is not supported:
gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==
i GSS  : Requesting full delegation
i GSS : [Kerberos w/ Group Exchange] SPN : address@hidden
i GSS : [Kerberos w/ Group Exchange] Disabling gss mechanism
i GSS : [Kerberos w/ Group Exchange] InitializeSecurityContext() failed.
i GSS : [Kerberos w/ Group Exchange] The specified target is unknown or
unreachable
i The following key exchange method has been filtered from the key
exchange method list because it is not supported:
gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==
i SEND : KEXINIT
i RECV : Read kexinit
i Available Remote Kex Methods =
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
i Selected Kex Method = diffie-hellman-group-exchange-sha1
i Available Remote Host Key Algos = ssh-rsa,ssh-dss
i Selected Host Key Algo = ssh-dss
i Available Remote Send Ciphers =
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfo
ur,aes192-cbc,aes256-cbc, address@hidden,aes128-ctr,aes192-c
tr,aes256-ctr
i Selected Send Cipher = aes256-cbc
i Available Remote Recv Ciphers =
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfo
ur,aes192-cbc,aes256-cbc, address@hidden,aes128-ctr,aes192-c
tr,aes256-ctr
i Selected Recv Cipher = aes256-cbc
i Available Remote Send Macs =
hmac-md5,hmac-sha1,hmac-ripemd160, address@hidden,hmac-sha1-9
6,hmac-md5-96
i Selected Send Mac = hmac-sha1
i Available Remote Recv Macs =
hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden ,hmac-sha1-9
6,hmac-md5-96
i Selected Recv Mac = hmac-sha1
i Available Remote Compressors = none,address@hidden
i Selected Compressor = none
i Available Remote Decompressors = none, address@hidden
i Selected Decompressor = none
i Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
i SEND : KEXDH_GEX_REQUEST
i RECV : KEXDH_GEX_GROUP
i SEND : KEXDH_INIT
i RECV : KEXDH_REPLY
i SEND : NEWKEYS
i Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
i RECV : NEWKEYS
i Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
i SEND: SERVICE_REQUEST[ssh-userauth]
i RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
i SENT : USERAUTH_REQUEST [none]
i RECV : USERAUTH_FAILURE, continuations [publickey,password]
i SENT : USERAUTH_REQUEST [password]
i RECV : AUTH_SUCCESS
i Channel Closed: 00000000 (The operation completed successfully. )


Thank You,

Tom Fortier
Zotec Partners, LLC
714.727.1030 Direct Phone
949.279.0337 Cell Phone

address@hidden


CONFIDENTIALITY NOTICE: This communication and any attachments may contain confidential and privileged information for the use of the designated recipient named above. If you are not the designated recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you receive this communication in error, please destroy all copies of this communication and any attachments and notify us immediately at (949) 263-8620.


_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users

CONFIDENTIALITY NOTICE: This communication and any attachments may contain confidential and privileged information for the use of the designated recipient named above. If you are not the designated recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you receive this communication in error, please destroy all copies of this communication and any attachments and notify us immediately at (949) 263-8620.

_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users


CONFIDENTIALITY NOTICE: This communication and any attachments may contain confidential and privileged information for the use of the designated recipient named above. If you are not the designated recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you receive this communication in error, please destroy all copies of this communication and any attachments and notify us immediately at (949) 263-8620. CONFIDENTIALITY NOTICE: This communication and any attachments may contain confidential and privileged information for the use of the designated recipient named above. If you are not the designated recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you receive this communication in error, please destroy all copies of this communication and any attachments and notify us immediately at (949) 263-8620.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]