Displaying 20 results from an estimated 12000 matches similar to: "ls hangs in internal-sftp for LDAP users"
2017 May 12
2
ls hangs in internal-sftp for LDAP users
Le 12/05/2017 ? 12:47, Alexander Wuerstlein a ?crit :
> On 2017-05-12T12:07, mh at ow2.org <mh at ow2.org> wrote:
>> I'm using 7.2p2-4ubuntu2.1
>>
>> I have the same exact problem as described in the first comment in
>> https://bugzilla.mindrot.org/show_bug.cgi?id=1573
>>
>> Initially, my ldap server hostname and IP is only in /etc/hosts, not in
2017 May 18
2
ls hangs in internal-sftp for LDAP users + numeric uid/gid instead of names
Le 12/05/2017 ? 14:03, Alexander Wuerstlein a ?crit :
> On 2017-05-12T13:49, mh at ow2.org <mh at ow2.org> wrote:
>> Le 12/05/2017 ? 12:47, Alexander Wuerstlein a ?crit :
>>> On 2017-05-12T12:07, mh at ow2.org <mh at ow2.org> wrote:
>>>> I'm using 7.2p2-4ubuntu2.1
>>>>
>>>> I have the same exact problem as described in the first
2017 May 18
2
ls hangs in internal-sftp for LDAP users + numeric uid/gid instead of names
On 2017-05-18T13:13, mh at ow2.org <mh at ow2.org> wrote:
> Le 18/05/2017 ? 12:17, mh at ow2.org a ?crit :
> > However, I get uid/gid numbers instead of names within sftp session (ls
> > -l) ? I don't know if it's new but I would definitively prefer names...
>
> It seems the reason is :
>
> open("/etc/passwd", O_RDONLY|O_CLOEXEC) = -1 EACCES
2017 May 19
2
sshd_config : negation in Match blocks
Hi,
I want to come to a specific behavior described in
https://access.redhat.com/solutions/289073
For example, taking an user who is NOT a member of a group *-foo
Match Group !*-foo
=> this won't match
Match Group *,!*-foo
=> this will match
I would expect the first to match too, intuitively.
I'm unsure if this behavior is expected, and if not, if it has a
corresponding bug
2014 Mar 17
1
internal-sftp stuck on 'ls' with chrootdirectory
Hi all,
I am using Match directive and internal-sftp to chroot sftp users into their
directory. Connection and login works. I can change directories and put/get
files. Also logging of the internal sftp-process works (created a /dev/log
socket inside the chroot). As soon as I use the 'ls' command, nothing
happens and the the process gets stuck. Listing files does work as soon as I
remove
2009 Mar 16
4
[Bug 1573] New: ls hangs in internal-sftp
https://bugzilla.mindrot.org/show_bug.cgi?id=1573
Summary: ls hangs in internal-sftp
Product: Portable OpenSSH
Version: 5.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: gdr at go2.pl
2012 May 10
2
Is there any method, with ChrootDirectory and internal-sftp, to automatically cd to a subdir on login?
Hi,
This is either a query or a feature request. I have a system where sftp
users are chrooted using scponly, which while requiring much more setup than
OpenSSH's internal-sftp method, has the useful feature of allowing an
initial chroot to a subdirectory, typically the one used for file exchange.
I've searched for a way to do the same thing with OpenSSH. So far haven't
found it.
If
2009 Oct 23
3
internal-sftp only without ssh and scp hanging
I've configured OpenSSH_5.3p1 to only allow sftp connections (openssh
chroot functionality).
i.e.
Subsystem sftp internal-sftp
Match group sftpusers
ChrootDirectory /chroot/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
So far everything works correctly with sftp but when a user ssh's or
scp's to the box the login
2016 May 09
3
Cannot get sftp transfers to log in the systemd journal
I'd like to have sshd write entries into the systemd journal logging sftp transfers. From googling, it seems that one needs to edit /etc/ssh/sshd_config adding this line:
Subsystem sftp /usr/lib/ssh/sftp-server -f AUTH -l VERBOSE
I can transfer files via filezilla (sftp) but I don't get anything in `journalctl -u sshd` that shows these transfers, just a few lines showing I connected.
2009 Jan 09
1
setting umask for internal-sftp users
I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain
SFTP-only users. I use the following lines in my sshd_config file:
Match Group sftponly
ChrootDirectory /home/chroot-%u
ForceCommand internal-sftp
It works great.
The problem is that some of my users need umask 002 for their uploads. I tried a few ways to
achieve this:
* set umask in sshrc,
2010 Jul 10
1
internal-sftp and logging not working with Fedora and chroot using 5.5?
Hope ya'all can help!
Been reading and reading, and adjusting... to no avail.
We need to have chroot'd SFTP activities logged on a file server and for
whatever reason, I simply cannot get it to log with users that are chroot'd
(this is necessary for auditing and HIPAA - so it is pretty important)
I have tried with Fedora 11/12 and even an older Fedora 8 server, the same
results:
1.
2020 Apr 11
2
internal-sftp + chroot [was: Parallel transfers]
Nico Kadel-Garcia wrote:
> in places where I do not want OpenSSH server's tendency ro let
> people with access look around the rest of the filesystem.
If you want users to be able to use *only* SFTP then set a ChrootDirectory
and ForceCommand internal-sftp in a Match for the user in sshd_config.
//Peter
2008 Jun 20
1
ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1)
Hi guys,
I have a server setup with openssh-5.0p1 and use some users as
sftp-only chroot accounts.
The following configuration yields exactly the result I want:
user is chrooted, logs to syslog, all is good.
#================================================#
Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE
Match User fredwww
ChrootDirectory %h
#ForceCommand internal-sftp
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote:
> I am supporting a site that allows members to upload release files. I
> have inherited this site which was previously existing. The goal is
> to allow members to file transfer to and from their project area for
> release distribution but not to allow general shell access and not to
> allow access to other parts of the system.
>
>
2008 Nov 11
3
Directory permissions in chroot SFTP
Hi,
I configured openssh 5.1p1 for sftp server.
Here the specifications in sshd_config file:
Subsystem sftp internal-sftp
Match Group sftp
ForceCommand internal-sftp
ChrootDirectory /home/%u
AllowTcpForwarding no
When a user is logged in, he can't upload his document and he receives
this message:
carlo at Music:~$ sftp user at 213.217.147.123
Connecting to
2008 Oct 27
2
[Bug 177] provide chroot option for sftp-server
https://bugzilla.mindrot.org/show_bug.cgi?id=177
Joshua Pettett <devel at homelinkcs.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|sshd |sftp-server
AssignedTo|openssh-bugs at mindrot.org |unassigned-bugs at mindrot.org
--- Comment
2009 Nov 18
1
internal-sftp atomic file operations?
Hi
I've been testing internal-sftp with chroot on OpenSSH_5.3p1 and it
seems that internal-sftp does not support POSIX atomic rename()
operations.
Can someone confirm that this feature is only available in the
sftp-server and not internal-sftp?
Are there plans to include atomic file operations in internal-sftp?
Thanks
2008 Jul 13
3
[Bug 1488] New: internal-sftp logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1488
Summary: internal-sftp logging
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at
2023 Nov 12
3
restrict file transfer in rsync, scp, sftp?
I am supporting a site that allows members to upload release files. I
have inherited this site which was previously existing. The goal is
to allow members to file transfer to and from their project area for
release distribution but not to allow general shell access and not to
allow access to other parts of the system.
Currently rsync and old scp has been restricted using a restricted
shell
2023 Mar 30
3
sftp and utmp
Hi,
We need to limit concurrent sftp logins to one per user (because of bad
client behaviour). Is there any way to achieve this I have overlooked?
It seems it could be possible with pam_limits, if sftp sessions were
recorded in utmp (a guess from what I found googling around). If I
configure /etc/security/limits.conf with
testuser hard maxlogins 1
and connect with ssh, and try a second