jailkit-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Users connected via SFTP not jailed


From: Olivier Sessink
Subject: Re: [Jailkit-users] Users connected via SFTP not jailed
Date: Fri, 04 Apr 2014 00:15:38 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

On 04/03/2014 11:49 AM, Ali Nebi wrote:
> Hi,
>
> I have installed jailkit on ubuntu 12.04 and it is working perfectly
> for SSH accesses for jailed users. They are in jail dir and all is ok.
> But i noticed today that when users connect via SFTP, they see and can
> browse in real system - they are not jailed. I checked all libraries,
> all device files related to sftp and all is copied to jail dir. Can
> you give me advices how to get this working?

all processes that are started via the shell of the user will be jailed
(because the shell it jk_chrootsh). Any process that is not started via
the shell is not jailed. Normally openssh will start sftp via the shell
and thus the user is jailed. So my first guesses are:

- you could be using a different ssh server, or differently configured ?

- you could be using ftps (ftp over ssl) and not sftp (ftp over ssh),
and the ftps server is not in a jail

Olivier

-- 
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]