Displaying 7 results from an estimated 7 matches for "sftpusers".
Did you mean:
ftpusers
2009 Mar 13
0
winbind cache seems to change the group membership of a user
...ry" option for the sshd daemon to jail my ssh
users. Additionally, I'm using the "Match group" option to only jail people
belonging to a specific active directory group. Here are the relevant lines
of the sshd_config file:
LogLevel Debug3
Subsystem sftp internal-sftp
Match group sftpusers
ChrootDirectory /my/chroot/home
ForceCommand internal-sftp
sftpusers is an active directory group.
I logged me in with a user belonging to that group. The first time, the user
will only see the home directories of the other jailed users, so, the real
root path won't be showed. However, if I...
2009 Oct 23
3
internal-sftp only without ssh and scp hanging
I've configured OpenSSH_5.3p1 to only allow sftp connections (openssh
chroot functionality).
i.e.
Subsystem sftp internal-sftp
Match group sftpusers
ChrootDirectory /chroot/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
So far everything works correctly with sftp but when a user ssh's or
scp's to the box the login hangs after authentication.
Is there anyway to get sshd to close...
2019 Jun 21
2
Samba winbind on redhat 7
On 21/06/2019 15:39, Edouard Guign? via samba wrote:
> Hello,
>
> I am facing 2 issues now.
> The first one is the more critical for me...
>
> 1. When I switch from sssd to winbind with :
> # authconfig --enablekrb5 --enablewinbind --enablewinbindauth
> --enablemkhomedir --update
>
> My sftp access did not work. Does it change the way to pass the login ?
> I used
2019 Jun 20
2
Samba winbind on redhat 7
This way is so easier...
Thank you Rowland
Le 20/06/2019 ? 14:01, Rowland penny via samba a ?crit?:
> On 20/06/2019 17:54, Edouard Guign? via samba wrote:
>> My idea is to replace default "cifs_idmap_sss.so" plugin by
>> "idmapwb.so" winbind plugin, in order to SSSD becomes a client of
>> winbind.
>> To avoid to change nsswitch.conf :
>>
2012 Nov 12
5
[Bug 2048] New: Make chrooted sftp more user friendly using bind mount (solution suggested)
...cture because this will often leave him
confused and he'll often call helpdesk and complain about it. That's
one of reasons why we have chroot support in OpenSSH. Other reason is
obvious: better security.
So this is typical configuration:
Subsystem sftp internal-sftp
Match Group sftpusers
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
It has one big problem. For security reasons we cannot chroot into
directory that is not owned by root (or writable by user). There's
probably nothing we can do about this right now, but let's take a
deeper look...
2019 Jun 21
0
Samba winbind on redhat 7
Yes, I have only one domain.
Even after added "winbind use default domain = yes" to smb.cnf, I cannot
ssh :
/Jun 21 12:43:59 [localhost] sshd[5938]: pam_sss(sshd:auth): Request to
sssd failed. Connection refused//
//Jun 21 12:43:59 [localhost] sshd[5938]: pam_krb5[5938]: TGT verified
using key for 'host/mysambserver at MYDOMAIN.LOCAL'//
//Jun 21 12:43:59 [localhost]
2019 Jun 21
0
Samba winbind on redhat 7
Hello,
I am facing 2 issues now.
The first one is the more critical for me...
1. When I switch from sssd to winbind with :
# authconfig --enablekrb5 --enablewinbind --enablewinbindauth
--enablemkhomedir --update
My sftp access did not work. Does it change the way to pass the login ?
I used to connect in sftp with userlogin / userpassword
//var/log/secure ://
/
/Jun 21 11:08:31 [localhost]