armin at xos
Jun 13, 2009, 12:18 PM
Post #1 of 1
(671 views)
Permalink
|
|
openssh sftp chroot /bin/false
|
|
hi!
i need ssh users and sftp users on my server. they don't mix so sftp users have a /bin/false
as their shell.
however when i try a ssh connect to such a user. he does not get disconnected but hangs forever.
can it be that sshd searches foer /bin/false in the chroot environment?
but i tried to place it there including ldd requirements. no success.
i just want sftp users to get no shell and also no hanging connections... sftp works right now.
thanks!
---------------------------------------
Protocol 2
PermitRootLogin without-password
ChallengeResponseAuthentication=no
UsePAM yes
X11Forwarding yes
PrintMotd no
PrintLastLog no
Subsystem sftp internal-sftp
Match Group sftponly
ChrootDirectory %h
ForceCommand internal-sftp
X11Forwarding no
AllowTcpForwarding no
---------------------------------------
using OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009
example user:
test:x:1012:1009::/home/test:/bin/false
maybe a new option: DisconnectOnShell yes
would help.
Ciao,
Armin
--
armin [at] xos pgp public key on request CU
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
|
