sftp requests don't go via rssh

Wed, 29 Jan 2014 08:44:41 -0800 

Hello All,
I've setup rssh to what seemed to be a proper configuration but I noticed
that sftp doesn't go at all via rssh. And therefore doesn't go in the
chroor jail.It just goes via the default sftp module of ssh.

rssh.conf:
logfacility = LOG_USER
allowscp
allowsftp
umask = 022
chrootpath = /export
user=user:007:00011:/export/user

user:x:2004:2004:no shell user:/export/user:/usr/bin/rssh

/var/log/messages contains this upon creating a scp connection:
Jan 29 17:15:36 server01 rssh[18356]: setting log facility to LOG_USER
Jan 29 17:15:36 server01 rssh[18356]: allowing scp to all users
Jan 29 17:15:36 server01 rssh[18356]: allowing sftp to all users
Jan 29 17:15:36 server01 rssh[18356]: setting umask to 022
Jan 29 17:15:36 server01 rssh[18356]: chrooting all users to /chrootpl
Jan 29 17:15:36 server01 rssh[18356]: line 53: configuring user user
Jan 29 17:15:36 server01 rssh[18356]: setting user's umask to 07
Jan 29 17:15:36 server01 rssh[18356]: allowing scp to user user
Jan 29 17:15:36 server01 rssh[18356]: allowing sftp to user user
Jan 29 17:15:36 server01 rssh[18356]: chrooting user to /export/user
Jan 29 17:15:36 server01 rssh[18356]: chroot cmd line:
/usr/libexec/rssh_chroot_helper 1 "scp -t in/"

but nothing when sftp is connecting.

the sshd_config has only this about sftp:
Subsystem       sftp    internal-sftp

when I have a match rule in the sftp the scp doesn't work:

Match group noshell
       ChrootDirectory %h
       X11Forwarding no
       AllowTcpForwarding no
       ForceCommand internal-sftp

so this is no commented out.

Has anyone else also noticed this? Does anyone have any pointers?

-- 
Best Regards,
Petyo Vodenicharov

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable 
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss

Reply via email to