|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
obsd 4.3 chrooted sftp permissions?
Hi there
I'm trying since a couple of days to setup a chrooted sftp access to a test obsd machine running apache. Ideally I would like to grant group access to update some web content but after checking all I found, I'm still unsuccessful Here are the relevant details ... Code:
# OpenBSD 4.3 GENERIC#0 i386 SFTPG=webgroup SFTPU=webadmin SFTPP=webadminpass SFTPD=/var/www/htdocs/project mkdir $SFTPD groupadd -v $SFTPG useradd -c "webadmin user" -d / -g $SFTPG -p $(encrypt -b 6 $SFTPP) -s /sbin/nologin $SFTPU chown root:$SFTPG $SFTPD chmod 0755 $SFTPD Code:
# /etc/ssh/sshd_config #Subsystem sftp /usr/libexec/sftp-server Subsystem sftp internal-sftp Match group $SFTPG ChrootDirectory $SFTPD X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp Code:
kill -HUP `cat /var/run/sshd.pid` Any attempt to change the group permissions, chmod g+w $SFTPD or similar, results in NOT being able to successfully start a session ... Code:
psftp -v -l webadmin -pw webadminpass 192.168.1.50 Looking up host "192.168.1.50" Connecting to 192.168.1.50 port 22 Server version: SSH-2.0-OpenSSH_4.8 We claim version: SSH-2.0-PuTTY_Release_0.60 Using SSH protocol version 2 Doing Diffie-Hellman group exchange Doing Diffie-Hellman key exchange with hash SHA-256 Host key fingerprint is: ssh-rsa 2048 b6:fb:6a:7b:ea:5e:1a:71:52:c9:a5:c5:d8:fa:61:27 Initialised AES-256 SDCTR client->server encryption Initialised HMAC-SHA1 client->server MAC algorithm Initialised AES-256 SDCTR server->client encryption Initialised HMAC-SHA1 server->client MAC algorithm Using username "webadmin". Keyboard-interactive authentication refused Sent password Access granted Server unexpectedly closed network connection Fatal: Server unexpectedly closed network connection Any comments/remarks are most welcome Luismi Last edited by luismi; 25th June 2008 at 07:15 PM. |
Tags |
chmod, chroot, obsd 4.3, permissions, sftp |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
openBSD4.4 + Chrooted apache1.3 + php5 + sessions | wolf3d | OpenBSD Packages and Ports | 1 | 2nd July 2009 11:07 AM |
Sftp Bus error: 10 (core dumped) | smokem | FreeBSD General | 0 | 21st April 2009 12:45 PM |
List of users connected by sftp. | amscotti | OpenBSD General | 7 | 1st April 2009 07:26 PM |
PureFTP + TLS / or SFTP | plexter | OpenBSD Security | 11 | 6th October 2008 10:32 PM |
build a sftp server | milo974 | OpenBSD General | 9 | 26th September 2008 11:09 AM |