Good morning Seems like I was a bit out of it yesterday. Anyway, it works now. I just misunderstood the functionality of rssh / sftp.. But still, I'm wondering. Shouldn't I be able to run sftp with the user who is set to restricted ssh? I mean, is allowsftp ONLY meant to allow the connection via sftp onto the server with rssh?
I added what I got when I run ssh u...@server sftp (not sftp u...@server). ____________________ Errorlog Message: Sep 17 06:34:33 HOSTNAME rssh[364]: user globie attempted to execute forbidden commands Sep 17 06:34:33 HOSTNAME rssh[364]: command: sftp Sep 17 06:34:33 HOSTNAME sshd[363]: Received disconnect from 10.134.22.149: 11: disconnected by user ___________________________ Message to the user: ki...@combuntu: ssh glo...@hostname sftp Password: This account is restricted by rssh. Allowed commands: scp sftp If you believe this is in error, please contact your system administrator. ___________________________ rssh -v Copyright 2002-2010 Derek D. Martin <rssh-discuss at lists dot sourceforge dot net> rssh config file = /usr/local/etc/rssh.conf chroot helper path = /usr/local/libexec/rssh_chroot_helper scp binary path = /usr/bin/scp sftp server binary = /usr/lib/ssh/sftp-server cvs binary path = /usr/bin/cvs rdist binary path = /usr/bin/rdist rsync binary path = /usr/bin/rsync rssh.conf # This is the default rssh config file # set the log facility. "LOG_USER" and "user" are equivalent. logfacility = LOG_USER # Leave these all commented out to make the default action for rssh to lock # users out completely... allowscp allowsftp #allowcvs #allowrdist #allowrsync # set the default umask umask = 022 # If you want to chroot users, use this to set the directory where the root of # the chroot jail will be located. # # if you DO NOT want to chroot users, LEAVE THIS COMMENTED OUT. chrootpath = /usr/bin/chroot # You can quote anywhere, but quotes not required unless the path contains a # space... as in this example. #chrootpath = "/usr/local/my chroot" ___________________________ Kind regards Kielo S. Quoting Derek Martin <[email protected]>: > On Thu, Sep 16, 2010 at 09:24:43PM +0200, [email protected] wrote: >> Okay, I'll go a wee less chaotic.. > > Well, we're still missing some important details. Whenever you're > troubleshooting, the exact details matter. Please respond to the > questiosn below when you have them. > > Do you have more than one copy of SSH installed on your system? > > What is the output of rssh -v? > > Did you install from sources, or from a package for your OS? > >> In the /var/log/messages file was written that the user globi tried >> to run a forbidden command (sftp). > > What was the exact message? > >> After that, I set the configuration to all users, so it looked like >> >> allowscp >> allowsftp >> #allowcvs >> #allowrdist >> #allowrsync > > This was the whole config file? There were no other lines in it? > >> Hope this helps more, problem's I'm not at work where I have all the >> stuff and somehow the login's not working on our gentoo systems atm, >> so I can't test it now (lack of time). > > -- > Derek D. Martin > http://www.pizzashack.org/ > GPG Key ID: 0x81CFE75D > >
binsQoA2d0aLX.bin
Description: PGP Public Key
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ rssh-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/rssh-discuss
