Re: [Jailkit-users] Can't get logging working

[yellow protoss]

Hello,

thank you
I try to get the SFTP server jailed workign. If I use :
muukct:x:569:570::/home/muukct:/bin/bash
then logging with SSH becomes possible, but Not SFTP :(
 
Hence Oliver told me that If I do with /usr/sbin/jk_lsh
then SFTP jailed becomes possible.
But it looks like that SFTP jailed is barely workign, since lot of posts are reporting that SFTP is not possible or very unlucky.
I have no idea what to try more. I followed all of the howto's .:(

(SSH can work when I use the bash)
SFTP not working 

With my best regards
Yellow

On Sun, May 11, 2008 at 11:14 PM, Hi <address@hidden> wrote:

I believe your using the wrong shell.  That is what it
is telling you :)  jk_lsh is a very limited
non-interactive shell.  I'm sure you have read that in
your error logs enough.

Try adjusting your passwd files inside and outside the
jail.  Here is my /etc/passwd or part of it

tousant:x:567:568::/home/jail/./home/tousant:/usr/sbin/jk_chrootsh
backin:x:568:569::/home/jail/./home/backin:/usr/sbin/jk_chrootsh
muukct:x:569:570::/home/jail/./home/muukct:/usr/sbin/jk_chrootsh

Now here is my /home/jail/etc/passwd or part of it

tousant:x:567:568::/home/tousant:/bin/bash
backin:x:568:569::/home/backin:/bin/bash
muukct:x:569:570::/home/muukct:/bin/bash

That should make things clear enough for you.

--- yellow protoss <address@hidden> wrote:

> help:
>
> jk_init -v /home/chrootusers/ sftp
> /home/chrootusers/lib/libnss_dns.so.2 exists
> /home/chrootusers/etc/resolv.conf exists
> /home/chrootusers/etc/host.conf exists
> /home/chrootusers/etc/hosts exists
> /home/chrootusers/etc/protocols exists
> /home/chrootusers/lib/libnsl.so.1 exists
> /home/chrootusers/lib/libnss_compat.so.2 exists
> /home/chrootusers/lib/libnss_files.so.2 exists
> /home/chrootusers/etc/nsswitch.conf exists
> /home/chrootusers/usr/lib/sftp-server exists
> source file /usr/libexec/openssh/sftp-server does
> not exist
> source file /usr/lib/misc/sftp-server does not exist
> device /home/chrootusers/dev/urandom does exist
> already
> device /home/chrootusers/dev/null does exist already
>
>
> On Sun, May 11, 2008 at 10:49 PM, yellow protoss
> <address@hidden>
> wrote:
>
> > Hello,
> >
> > This guy has the same problem than me.
> >
>
http://www.linuxquestions.org/questions/linux-server-73/sftp-and-jailkit-573951/
> > It looks it is more a coding problem. all done
> looks fine in the
> > linuxquestion forum
> >
> > Greetings
> >
> >
> > On Sun, May 11, 2008 at 10:37 PM, yellow protoss
> <address@hidden>
> > wrote:
> >
> >>
> >> The progrma under linux does
> >> Running program ssh -e none -l username -p portnr
> debianbox -s sftp
> >>
> >> Regards
> >>
> >>
> >> On Sun, May 11, 2008 at 10:34 PM, yellow protoss
> <address@hidden>
> >> wrote:
> >>
> >>> Hi Oliver,
> >>>
> >>> Here is the logs, please could you help me to
> make it work your program ?
> >>>
> >>> May 11 22:29:57 localhost sshd[523]: (pam_unix)
> authentication failure;
> >>> logname= uid=0 euid=0 tty=ssh ruser=
> rhost=debian02  user=usernameid
> >>> May 11 22:29:59 localhost sshd[523]: Failed
> password for usernameid from
> >>> debian02 port 37405 ssh2
> >>> May 11 22:30:11 localhost sshd[536]: Accepted
> password for usernameid
> >>> from debian02 port 37407 ssh2
> >>> May 11 22:30:11 localhost sshd[542]: (pam_unix)
> session opened for user
> >>> usernameid by (uid=0)
> >>> May 11 22:30:14 localhost jk_chrootsh[557]: now
> entering jail
> >>> /home/chrootusers for user usernameid (XXXX)
> >>> May 11 22:30:14 localhost jk_lsh[557]: WARNING:
> user usernameid (XXXX)
> >>> tried to get an interactive shell session
> (/usr/sbin/jk_lsh), which is never
> >>> allowed by jk_lsh
> >>> May 11 22:30:17 localhost sshd[542]: (pam_unix)
> session closed for user
> >>> usernameid
> >>>
> >>> thanks
> >>> Yours sincerely,
> >>> Yellow
> >>>
> >>>
> >>> On Sun, May 11, 2008 at 10:14 PM, yellow protoss
> <
> >>> address@hidden> wrote:
> >>>
> >>>> Dear Oliver,
> >>>>
> >>>> It looks that the vsftpd does the same job as
> your program, no ? I found
> >>>> this :
>
http://www.howtoforge.com/vsftpd_mysql_debian_etch_p2
> >>>>
> >>>> It looks like it has a jail too. What do you
> think about it?
> >>>>
> >>>> Best regards,
> >>>> Yellow
> >>>>
> >>>>
> >>>> On Sat, May 10, 2008 at 12:48 PM, Olivier
> Sessink <
> >>>> address@hidden> wrote:
> >>>>
> >>>>> yellow protoss wrote:
> >>>>>
> >>>>>> Dear Olivier,
> >>>>>> I sent the "cat" from the /var/log of plenty
> of files last time, and
> >>>>>> apparently nothing was to be seen.
> >>>>>>
> >>>>>
> >>>>> there were a lot of small things in the logs,
> and I have no idea which
> >>>>> of these logs correspond to a winscp login.
> >>>>>
> >>>>>  Is there any other alternative rather than
> jailkit program under
> >>>>>> Linux?
> >>>>>>
> >>>>>
> >>>>> alternative for what?
> >>>>>
> >>>>>  I just would like that the person have access
> to a file server, via
> >>>>>> ssh, and remain in a particular folder in
> term of file server. Just
> >>>>>> something that works either in linux or
> windows would be fine.
> >>>>>>
> >>>>>
> >>>>> you can try pam_chroot, but that will give
> full shell access in a
> >>>>> chroot.
> >>>>>
> >>>>>
> >>>>> Olivier
> >>>>>
> >>>>>
> >>>>>
> _______________________________________________
> >>>>> Jailkit-users mailing list
> >>>>> address@hidden
> >>>>>
>
http://lists.nongnu.org/mailman/listinfo/jailkit-users
> >>>>>
> >>>>
> >>>>
> >>>
> >>
> >
> > _______________________________________________
> Jailkit-users mailing list
> address@hidden
>
http://lists.nongnu.org/mailman/listinfo/jailkit-users
>

     ____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users