similar to: Prompt for chrooted users

On Mon, July 6, 2015 15:47, m.roth at 5-cent.us wrote: > James B. Byrne wrote: >> We have a requirement to allow ssh access to a server in order to >> provide a secure link to one of our legacy systems. I would like to >> chroot these accounts. >> >> I have this working except for one small detail, the user's prompt >> in >> the ssh session. Each

CentOS-6 When I login as root I see this prompt: [root at vhost04 ~]# When I login as a non-priviledged user I see this instead: sh-4.1$ .bashrc and .bash_profile have identical contents in /root and /home/user. What causes the difference? Why? How does one change the default so that all normal users get a [userid at hostname pwd]$ prompt? I have loked in/etc/profile.d and /etc/bashrc

I am now investigating encrypting our IMAP user spool files. Does anyone have experience with handling encrypted data stores using either or both of the subject methods and would care tio share their observations? Which is the preferred method (I know: it depends, but on what?)? What administrative pain does each cause? Our IMAP host is a KVM guest so spinning up a duplicate and simply

James B. Byrne wrote: > We have a requirement to allow ssh access to a server in order to > provide a secure link to one of our legacy systems. I would like to > chroot these accounts. > > I have this working except for one small detail, the user's prompt in > the ssh session. Each user has their shell set to /bin/bash in > /etc/passwd. However, instead of getting the

I have the following gnome terminal profile settings: Backspace = ASCII DEL Delete Key = Escape Sequence If the logged in session in the terminal window is my own user id then the delete key does nothing. If however, I su -l in the same terminal window then the delete key removes the character under the cursor and left shifts the rest of the line. I am fairly confident that the delete

Well, I seem to have resolved most of this. In the end I had to create a separate logical link for the chrooted users' home directories that pointed back to their actual directory. It sounds confusing because it is. I first tried this in sshd_conf ChrootDirectory %h and in ~/%h I had created the following mount points: bin dev etc lib lib64 tmp usr Upon which I had hung mounts to

Our firm uses a dedicated virtual host to provide ssh tunnels for remote employee access to various internal services and for http/s access to the outside world. For security reasons I would like to have the remote users forward their dns lookups over the tunnel as well. However, we recently chrooted a number of ssh users and these accounts cannot resolve dns queries passed over the tunnel. I

I run a sshd host solely to allow employees to tunnel secure connections to our internal hosts. Some of which do not support encrypted protocols. These connections are chroot'ed via the following in /etc/ssh/sshd_config Match Group !wheel,!xxxxxx,yyyyy AllowTcpForwarding yes ChrootDirectory /home/yyyyy X11Forwarding yes Where external users belong to group yyyyy (primary). We

I have a little niggling situation that I would like to resolve programmatically. I use Git as my SCM and I have release branches which are sometimes patched. I find myself sometimes entering the working directory tree forgetting that I was last on a release branch and not on the master. What I would like to do is to have a script run every time that I enter a directory, check for .git, and if

I am doing some testing with XForms and I really need a separate instance of Firefox, one that shares nothing with my primary instance that has various reference works and web sites open, to test forms. Is this even possible? I have a sense from the small bit of testing that I have done that even with separate profiles and invoking the firefox process manually from different terminal windows

I did a yum update to my desktop machine as root this morning and now my regular logon account sees this whenever I press the enter key: etc/audisp/audispd.conf: Permission denied etc/audisp/plugins.d/af_unix.conf: Permission denied etc/audisp/plugins.d/syslog.conf: Permission denied etc/audit/audit.rules: Permission denied etc/audit/auditd.conf: Permission deniedetc/dhcp/dhclient.d/ntp.sh:

Note: I am digest subscriber so if you could copy me directly on any reply to the list I would appreciate it very much. I sent this to the OpenSSH list (secureshell at securityfocus.com) yesterday and received no response so I am asking here in hopes that someone else has run across this problem on CentOS. We have encountered a situation that requires sftp access to one of our server by an

This is probably a FAQ item but despite searching extensively with google I am unable to find an answerer to this question. Perhaps I am using the wrong words. In any case, at the risk of inducing some mirth at my ignorance, how can one script a cd command so that that the user remains in that directory when the script exits? I have to work with a long path to a project working directory and I

Previously, when I did this: >> samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca >> ALL -U administrator Then I saw this: >> Password for [BROCKLEY\administrator]: Now I see this: >> samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca >> ALL -U administrator >> Cannot do GSSAPI to an IP address >>

On Fri, June 17, 2016 12:31, Valeri Galtsev wrote: > > On Fri, June 17, 2016 10:19 am, James B. Byrne wrote: > >> Keys issued to individuals certainly should have short time limits >> on them. In the same way that user accounts on systems should >> always have a near term expiry date set. People are careless. >> And their motivations are subject to change. >

[root at smb4-1 ~ (master)]# samba-tool dns query localhost brockley.harte-lyne.ca brockley.harte-lyne.ca ALL -U administrator Password for [BROCKLEY\administrator]: Name=, Records=4, Children=0 SOA: serial=3, refresh=900, retry=600, expire=86400, minttl=3600, ns=SMB4-1.brockley.harte-lyne.ca., email=hostmaster.brockley.harte-lyne.ca. (flags=600000f0, serial=110, ttl=3600) NS:

This is mildly off topic since it has more to do with TCP/IP networking than with CentOS per se. However, at the risk of ruffling a few feathers I would like some advice on how to resolve the following routing problem: Given: dual homed host running CentOS-5.2 with eth0 = 2xx.yyy.zzz.23 eth1 = 192.168.219.1 and a Cisco gateway at 2xx.1xx.y7y.1 with the following networks: interface

---------------------------- Original Message ---------------------------- Subject: Re: [CentOS] Install CentOS-5.0 on HP-ComPaq DC7700 Dual Core From: "James B. Byrne" <byrnejb at harte-lyne.ca> Date: Mon, October 6, 2008 12:26 To: cenos at centos.org Cc: "John Newbigin" <jnewbigin at ict.swin.edu.au>

Where can I find a list of the options and their usage and meanings for the contents of this file? Regards, -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada

CentOS-6.5 (FreePBX-2.6) Asterisk-11.14.2 (FreePBX) snom870-SIP 8.7.3.25.5 I am having a very difficult time attempting to get TLS and SRTP working with Asterisk and anything else. At the moment I am trying to get TLS functioning with our Snom870 desk-sets. And I am not having much luck. Since this is an extraordinarily (to me) Byzantine environemnt I am going to ask if any of you have gotten