similar to: SFTP subsystem and explicit file permissions

Displaying 20 results from an estimated 3000 matches similar to: "SFTP subsystem and explicit file permissions"

2010 Nov 04
1
Explicit file permissions for sftp-server
Hello again, Even with umask working (thanks very much!) I have found that I require more control over file permissions with sftp-server/internal-sftp. Please see the attached patch. It adds yet another option to sftp-server (-m) that will force file permissions. I have a been running a patched version of 5.6p1 under RHEL4 in production with no problems. Please consider including this change
2010 Dec 09
3
[Bug 1844] New: Explicit file permissions enhancement to sftp-server
https://bugzilla.mindrot.org/show_bug.cgi?id=1844 Summary: Explicit file permissions enhancement to sftp-server Product: Portable OpenSSH Version: 5.6p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org
2009 Jan 09
1
setting umask for internal-sftp users
I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain SFTP-only users. I use the following lines in my sshd_config file: Match Group sftponly ChrootDirectory /home/chroot-%u ForceCommand internal-sftp It works great. The problem is that some of my users need umask 002 for their uploads. I tried a few ways to achieve this: * set umask in sshrc,
2010 Feb 10
1
Syslog for chroot-jailed SFTP users?
Maybe one of you can help. We have set up a CentOS server so that each user who logs in via sftp will be jailed in their home directory. Here's the relevant sshd_config: # override default of no subsystems Subsystem sftp internal-sftp -f LOCAL2 -l INFO Match Group sftponly ChrootDirectory /home/%u ForceCommand internal-sftp This actually works great, but none of
2014 Sep 24
11
[Bug 2282] New: When group member count exceeds 126, config reliant fails
https://bugzilla.mindrot.org/show_bug.cgi?id=2282 Bug ID: 2282 Summary: When group member count exceeds 126, config reliant fails Product: Portable OpenSSH Version: 5.3p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: sftp-server
2020 Aug 31
2
[Bug 3207] New: Match blocks ignored in files processed by Include
https://bugzilla.mindrot.org/show_bug.cgi?id=3207 Bug ID: 3207 Summary: Match blocks ignored in files processed by Include Product: Portable OpenSSH Version: 8.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at
2010 Jul 10
1
internal-sftp and logging not working with Fedora and chroot using 5.5?
Hope ya'all can help! Been reading and reading, and adjusting... to no avail. We need to have chroot'd SFTP activities logged on a file server and for whatever reason, I simply cannot get it to log with users that are chroot'd (this is necessary for auditing and HIPAA - so it is pretty important) I have tried with Fedora 11/12 and even an older Fedora 8 server, the same results: 1.
2009 Jun 13
0
openssh sftp chroot /bin/false
hi! i need ssh users and sftp users on my server. they don't mix so sftp users have a /bin/false as their shell. however when i try a ssh connect to such a user. he does not get disconnected but hangs forever. can it be that sshd searches foer /bin/false in the chroot environment? but i tried to place it there including ldd requirements. no success. i just want sftp users to get no shell
2013 Jan 18
1
sftp does not allow rename across file system
Hello: I got the error EXDEV (Invalid cross-device link) when renaming one file to another directory that is actually mounting another file system. I am using SSH-2.0-OpenSSH_6 with standard SFTP setup as below Subsystem sftp internal-sftp Match group sftponly ChrootDirectory /home/sftp/%u X11Forwarding no AllowTcpForwarding no ForceCommand
2010 Nov 02
1
SFTP subsystem and umask
Hello, I have noticed that the -u parameter to the sftp-server or internal-sftp subsystem is not working correctly. For openssh-5.6p1 I believe that the problem lies in this code, starting at line 1414 in sftp-server.c: ---------------------------------------------------------- case 'u': mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg); if (errmsg != NULL)
2010 Jul 14
1
SFTP Chroot
HI: I tried to deploy a SFTP server with chroot but when i tried to connnect the client send the next error: Write failed: Broken pipe Couldn't read packet: Connection reset by peer The sshd_conf file is the next: ------------------------------------------------------------------- # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and
2009 Jun 30
5
[Bug 1616] New: root owned empty subdirs are deletable by chroot users
https://bugzilla.mindrot.org/show_bug.cgi?id=1616 Summary: root owned empty subdirs are deletable by chroot users Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org
2009 Jun 12
0
can you stop the trouble with file masks and default permissions?
Hello! Please take a look at this problem: 1. at sshd_config: Subsystem sftp internal-sftp Match group sftponly ? ? ? ? ?ChrootDirectory /public ? ? ? ? ?X11Forwarding no ? ? ? ? ?AllowTcpForwarding no ? ? ? ? ?ForceCommand internal-sftp 2. at client's bash: sshfs server:/ /home/kr/krpub-mount -o uid=$(id -u kr) -o gid=$(id -g kr) -o allow_other -o default_permissions -o reconnect -o
2008 Sep 23
3
[Bug 1527] New: ForceCommand internal-sftp needs a way to enable logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1527 Summary: ForceCommand internal-sftp needs a way to enable logging Product: Portable OpenSSH Version: 5.1p1 Platform: Itanium2 OS/Version: HP-UX Status: NEW Severity: minor Priority: P4 Component: sftp-server AssignedTo:
2011 Nov 18
4
[Bug 1951] New: Add home directory facility for chrooted environments
https://bugzilla.mindrot.org/show_bug.cgi?id=1951 Bug #: 1951 Summary: Add home directory facility for chrooted environments Classification: Unclassified Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: sshd
2008 Apr 15
0
ChrootDirectory - SFTP subsystem works fine but SSH hangs
Hi I'm using Centos 5 with Openssh-5.0p1 installed (and OpenSSL 0.98b and Zlib 1.2.3-3). I've managed to get a chroot'd SFTP session using ChrootDirectory and the new built-in SFTP subsystem. However, when I use SSH to connect to the same account the session hangs rather than closing the connection. This happens whether or not I use /sbin/nologin /bin/false or even /bin/sh
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and not to > allow access to other parts of the system. > >
2023 Nov 12
1
restrict file transfer in rsync, scp, sftp?
On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not
2008 Jun 20
1
ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1)
Hi guys, I have a server setup with openssh-5.0p1 and use some users as sftp-only chroot accounts. The following configuration yields exactly the result I want: user is chrooted, logs to syslog, all is good. #================================================# Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE Match User fredwww ChrootDirectory %h #ForceCommand internal-sftp
2014 Mar 17
1
internal-sftp stuck on 'ls' with chrootdirectory
Hi all, I am using Match directive and internal-sftp to chroot sftp users into their directory. Connection and login works. I can change directories and put/get files. Also logging of the internal sftp-process works (created a /dev/log socket inside the chroot). As soon as I use the 'ls' command, nothing happens and the the process gets stuck. Listing files does work as soon as I remove