RE: Chrooted sftp on rhel3



I have no idea at the moment.

I tested what I did on RHEL3, but now it seems that I'm going to have to
use RHEL4 for the real thing.

I don't suppose it will differ much, and once I've done the same on
RHEL4 I'll let you know.

Johan

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of John J. Culkin
Sent: 19 June 2007 21:06
To: General Red Hat Linux discussion list
Subject: Re: Chrooted sftp on rhel3

How would I go about creating a chrooted SFTP on RHEL 4 or 5?

Is the process much different?

Johan Booysen wrote:
Hi,

Thanks very much for all your replies.

I've managed to get it to work in the following way:

I copied the directories you create in your chroot jail (in my example
the directories etc, lib, and usr in my chroot jail /home) to the
individual ftp user's home folder:

# pwd
/home
# ls -l
total 24
drwxr-xr-x 2 root root 4096 Jun 15 10:41 etc
drwx------ 3 ftpuser ftpuser 4096 Jun 15 11:20 ftpuser
drwxr-xr-x 3 root root 4096 Jun 14 17:28 lib
drwxr-xr-x 6 root root 4096 Jun 14 17:26 usr

# cp -r etc ftpuser/
# cp -r lib ftpuser/
# cp -r usr ftpuser/

And then I modify /etc/rssh.conf and add an entry for that user:

user=ftpuser:011:00010:"/home/ftpuser" # sftp with chroot

And that works, it seems.

:)

I'm writing up a complete guide here:

http://joedonner2001.wordpress.com/red-hat-el3/sftp-server-within-a-chroot-jail

but just note that it's not 100% accurate at the moment.

Johan

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Karl Latiss
Sent: 16 June 2007 10:05
To: General Red Hat Linux discussion list
Subject: Re: Chrooted sftp on rhel3

On Fri, 2007-06-15 at 11:42 +0100, Johan Booysen wrote:

Hi everyone,

I'm doing some tests setting up an sftp server, with setting up a
chroot jail for ftp users.

Everything seems to be working fine, but "ftpuser" can cd to outside
his home directory (ftpuser cannot access the user1 or user2
directories, but can get to etc, lib, and user), which ideally I
don't want. I've played around with setting different permissions, but
only the permissions below seem to work.

In /etc/rssh.conf, I've got the following to set the chroot path:
chrootpath = /home

# pwd
/home
# ls -l
total 24
drwxr-xr-x 2 root root 4096 Jun 15 10:41 etc
drwx------ 3 ftpuser ftpuser 4096 Jun 15 11:20 ftpuser
drwx------ 4 user1 user1 4096 May 25 15:27 gmi
drwx------ 5 user2 user2 4096 Jun 14 16:54 jhb
drwxr-xr-x 3 root root 4096 Jun 14 17:28 lib
drwxr-xr-x 6 root root 4096 Jun 14 17:26 usr

I've then also removed all entries from the copy of the passwd file
in /home/etc/passwd, so that only the ftp users' accounts appear in it.

Any ideas on how to restrict access so ftp users are locked into
their own home directories - if that is even possible? It doesn't seem
like much of an issue to me, but I'd appreciate your thoughts.


What is ftpuser's shell and home directory? Also have you set
allowsftp in /etc/rssh.conf ?

There also may be some clues in /var/log/messages depending on what
you have set logfacility to.



--

John J. Culkin Systems Administrator
John.Culkin@xxxxxxxxxxxx The University of Scranton
Phone: (570) 941-7665

--

redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
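
The thread contrasts a global `chrootpath = /home` (where ftpuser could still reach etc, lib and usr) with a per-user entry pointing at /home/ftpuser. The sketch below is an added example, not code from any poster or from rssh: it parses an rssh.conf and reports which jail each account would land in. The sample config, the home directories, the user2 entry and the function names are constructed, and the rule that a `user=` line replaces the global settings for that user is taken from rssh.conf(5).

```python
import posixpath
import shlex

# Order of the five access bits in a user= entry, per rssh.conf(5).
PROTOCOLS = ("rsync", "rdist", "cvs", "sftp", "scp")

# Constructed sample: the thread's global chrootpath and ftpuser entry, plus a
# hypothetical user2 entry with the chroot path left out.
SAMPLE_CONF = """
allowsftp
chrootpath = /home
user=ftpuser:011:00010:"/home/ftpuser"  # sftp with chroot
user=user2:011:00010:
"""
# Constructed home directories; user1 has no user= line above.
SAMPLE_HOMES = {u: "/home/" + u for u in ("ftpuser", "user1", "user2")}

def parse_rssh_conf(text):
    """Return (global_protocols, global_chroot, {user: (protocols, chroot)})."""
    allowed, chroot, users = set(), None, {}
    for raw in text.splitlines():
        line = "".join(shlex.split(raw, comments=True))  # drop quotes, comments
        key, _, value = line.partition("=")
        if key.startswith("allow") and key[5:] in PROTOCOLS:
            allowed.add(key[5:])
        elif key == "chrootpath":
            chroot = value or None
        elif key == "user":
            name, _umask, bits, path = (value.split(":", 3) + [""] * 3)[:4]
            on = {p for p, b in zip(PROTOCOLS, bits) if b == "1"}
            users[name] = (on, path or None)
    return allowed, chroot, users

def jail_report(text, homes):
    """Map each user to (protocols, jail, verdict) for the given home dirs."""
    allowed, global_chroot, users = parse_rssh_conf(text)
    report = {}
    for user, home in homes.items():
        # Assumed from rssh.conf(5): a user= line overrides all global settings.
        protocols, jail = users.get(user, (allowed, global_chroot))
        same = jail and posixpath.normpath(jail) == posixpath.normpath(home)
        verdict = ("not chrooted" if jail is None else
                   "locked to home" if same else "shared jail")
        report[user] = (sorted(protocols), jail, verdict)
    return report

if __name__ == "__main__":
    for user, row in jail_report(SAMPLE_CONF, SAMPLE_HOMES).items():
        print(user, *row)
```

A "shared jail" verdict corresponds to the situation in the original question, where the jail root is a parent of the home directory and its etc, lib and usr are visible to every jailed account.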
