Hi,

The server I am trying to get this working on is RHEL5
2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:39 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
OpenSSH Version is: OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
ssh and sftp work fine for admin uses, but I need to set up an sftp
folder for a third party drop-off for importing data.
I compiled and installed from "rssh-2.3.3.tar.gz" using simply
./configure and make install signed in as root.
I added a user and built a chroot jail with a home folder for that user
below the jail.
The jail is: /u/www/pe5/clients/prexhop/hl7/rawimport
The user's passwd entry is:
hopftp:x:1901:50::/u/www/pe5/clients/prexhop/hl7/rawimport/ahosp:/usr/local/bin/rssh
The rssh.conf file has a single line in it:
user = hopftp:000:00010:/u/www/pe5/clients/prexhop/hl7/rawimport
I set up dev/log  and bin/ls additionally so I could catch messages
after chroot'ing and got through all the obvious trip-ups...
(like: "rssh_chroot_helper[8018]: execv() failed,
/usr/libexec/openssh/sftp-server: No such file or directory", which was
actually sftp-server needing the libs for determining the UID in the
jail...)
Then I was able to, from the command prompt, signed on as root:
---
# cd  /u/www/pe5/clients/prexhop/hl7/rawimport
# chroot .
# cd /ahosp
# /usr/libexec/openssh/sftp-server
---
Which executes sftp-server without error at this point, but of course
since I can't interact with sftp-server via the keyboard properly, it
drops out after I hit enter.

Then, from a remote site, I try to use the account for sftp and the
session looks like this (not the real IP, just an example):

# sftp hopftp@2.2.2.2
Connecting to 2.2.2.2...
hopftp@2.2.2.2's password:
Connection closed

(the password is not the issue, if I change the user's shell to bash, I
can login from a remote site using ssh without any problems)
The resulting entries in /var/log/messages are (again the IP isn't real):
Apr  7 14:43:05 pe sshd[1076]: Accepted password for hopftp from 28.28.28.28 port 49933 ssh2
Apr  7 14:43:05 pe sshd[1076]: subsystem request for sftp
Apr  7 14:43:05 pe rssh[1389]: line 1: configuring user hopftp
Apr  7 14:43:05 pe rssh[1389]: setting hopftp's umask to 0
Apr  7 19:43:05 pe rssh_chroot_helper[1389]: new session for hopftp, UID=1901
Apr  7 14:43:05 pe rssh[1389]: allowing sftp to user hopftp
Apr  7 19:43:05 pe rssh_chroot_helper[1389]: user's home dir is /u/www/pe5/clients/prexhop/hl7/rawimport/ahosp
Apr  7 14:43:05 pe rssh[1389]: chrooting hopftp to /u/www/pe5/clients/prexhop/hl7/rawimport
Apr  7 19:43:05 pe rssh_chroot_helper[1389]: chrooted to /u/www/pe5/clients/prexhop/hl7/rawimport
Apr  7 14:43:05 pe rssh[1389]: chroot cmd line: /usr/local/libexec/rssh_chroot_helper 2 "/usr/libexec/openssh/sftp-server"
Apr  7 19:43:05 pe rssh_chroot_helper[1389]: changing working directory to /ahosp (inside jail)

Based on a few items I saw about other UID issues that might be
causing trouble, I tried:
cd /lib; find . -print | cpio -pmud /u/www/pe5/clients/prexhop/hl7/rawimport/lib
cd /lib64; find . -print | cpio -pmud /u/www/pe5/clients/prexhop/hl7/rawimport/lib64
But that did not make any difference.

It looks like everything should be working - no errors anywhere... but
it drops to "Connection closed"...
Any help would be greatly appreciated,
Larry Irwin
CCA Medical



_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
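
Added example, not part of the original post and not rssh's own code: a small Python check that decodes the rssh.conf user line quoted above, derives the home directory as seen inside the jail (the "/ahosp" in the log), and lists which of the jail paths named in the post are absent. The function names and the JAIL_PATHS list are assumptions made for illustration; the access-bit order follows rssh.conf(5) for rssh 2.3.x.

```python
import os
from pathlib import PurePosixPath

# Access-bit order per rssh.conf(5) for rssh 2.3.x.
PROTOCOLS = ("rsync", "rdist", "cvs", "sftp", "scp")
# Paths the post says were placed in the jail, relative to the jail root
# (illustrative list, not an exhaustive requirement).
JAIL_PATHS = ("usr/libexec/openssh/sftp-server", "dev/log", "lib", "lib64")

# Sample input copied from the post.
CONF_LINE = "user = hopftp:000:00010:/u/www/pe5/clients/prexhop/hl7/rawimport"
PASSWD_LINE = ("hopftp:x:1901:50::/u/www/pe5/clients/prexhop/hl7/rawimport/ahosp"
               ":/usr/local/bin/rssh")

def parse_user_line(line):
    """Parse 'user = name:umask:accessbits[:chroot]' from rssh.conf."""
    key, _, value = line.partition("=")
    if key.strip() != "user":
        raise ValueError("not a user line")
    fields = value.strip().strip('"').split(":", 3)
    if len(fields) < 3:
        raise ValueError("expected name:umask:accessbits[:chroot]")
    name, umask, bits = fields[:3]
    if len(bits) != 5 or set(bits) - {"0", "1"}:
        raise ValueError("access bits must be five binary digits")
    return {
        "user": name,
        "umask": int(umask, 8),  # umask is written in octal
        "allowed": [p for p, b in zip(PROTOCOLS, bits) if b == "1"],
        "chroot": fields[3] if len(fields) == 4 and fields[3] else None,
    }

def home_inside_jail(passwd_line, chroot):
    """Home directory as seen after chroot, or None if it lies outside the jail."""
    home = PurePosixPath(passwd_line.split(":")[5])
    try:
        return str(PurePosixPath("/") / home.relative_to(chroot))
    except ValueError:
        return None

def missing_in_jail(jail_root, rel_paths=JAIL_PATHS):
    """Relative paths from rel_paths that do not exist under jail_root."""
    return [p for p in rel_paths
            if not os.path.exists(os.path.join(jail_root, p))]

if __name__ == "__main__":
    cfg = parse_user_line(CONF_LINE)
    print(cfg)
    print("home inside jail:", home_inside_jail(PASSWD_LINE, cfg["chroot"]))
    print("missing in jail:", missing_in_jail(cfg["chroot"]))
```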