similar to: sftp and utmp

Le Friday, 31 March 2023, 17:47:14 EDT John-Mark Gurney a ?crit : > hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200: > > I've been battling similar issues, and the only methods I've found (with sftp) was to use > > software like pureftd or crushftp (using crushftp lately as production) that does handle these > > issues "out of the box" > >

hvjunk wrote this message on Thu, Mar 30, 2023 at 23:12 +0200: > I've been battling similar issues, and the only methods I've found (with sftp) was to use > software like pureftd or crushftp (using crushftp lately as production) that does handle these > issues "out of the box" > Other than that, I'd expect you'll need to write your own PAM modules to track the

On Thu, 30 Mar 2023, Fran?ois Ouellet wrote: > Hi, > > We need to limit concurrent sftp logins to one per user (because of bad > client behaviour). Is there any way to achieve this I have overlooked? > > It seems it could be possible with pam_limits, if sftp sessions were > recorded in utmp (a guess from what I found googling around). If I > configure

Le Saturday, 1 April 2023, 02:06:04 EDT Philipp Marek a ?crit : > Set a max-process ulimit in /etc/security/limits.conf (using a group specification). > > For internal sftp 1, for external 2, I guess. I'v seen this suggested before and I have tried it then. It doesn't work with this particular config. I don't know why yet. It works when I don't use the internal-sftp

> On 03 Apr 2023, at 15:38, Fran?ois Ouellet <franco at sol.mpact.tv> wrote: > > I'm using the internal-sftp server, because it's a chrooted setup. > Not sure this can easily be done with this setup Yes, I know it's not OpenSSH, I'm just a happy user, but seriously for this use case, consider CrushFTP, or ProFTPd for the opernsource with the sftp module

Le Monday, 3 April 2023, 00:05:25 EDT Damien Miller a ?crit : > On Thu, 30 Mar 2023, Fran?ois Ouellet wrote: > > > Hi, > > > > We need to limit concurrent sftp logins to one per user (because of bad > > client behaviour). Is there any way to achieve this I have overlooked? > > > > It seems it could be possible with pam_limits, if sftp sessions were

On Mon, Apr 3, 2023 at 12:16?AM Damien Miller <djm at mindrot.org> wrote: > > On Thu, 30 Mar 2023, Fran?ois Ouellet wrote: > > > Hi, > > > > We need to limit concurrent sftp logins to one per user (because of bad > > client behaviour). Is there any way to achieve this I have overlooked? > > > > It seems it could be possible with pam_limits, if

Ok fellows, This is my last try. Please, anybody tell me if something is missing on this list! I need to setup on a Linux + Samba (PDC) to restrict just one login per ID (not allow two logins with same id).So: 1 - edit /etc/pam.d/samba -> chaging session line with session required /lib/security/pam_limits.so 2 - in /etc/security/limits.conf: * - maxlogins 1 3 - in smb.conf:

Hi, For one of my application, for accepting the ssh connection on different namespaces, I am instantiating "sshd service" on different namespaces. I am able to create ssh connection on each namespcae but I want to put a limitation on max concurrent ssh connection to 5 for each namespace. Is there a way to achieve it using openssh. Thanks & Regards Amit

https://bugzilla.mindrot.org/show_bug.cgi?id=3723 Bug ID: 3723 Summary: sshd failed to close session when client specifies no remote command Product: Portable OpenSSH Version: 8.0p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: PAM

> On 17 Jan 2019, at 14.19, Marc Roos <M.Roos at f1-outsourcing.eu> wrote: > > > Same ip, connection, session happens after a few seconds, all on local > test network. Sorry I mistakenly overlooked at the ip:s. But anyway that is multiple connections and seems that PAM has some concurrency limit and refuses the third connection Thunderbird opens. so you probably have

On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote: > > We've been asked about this a number of times before - the problem is > > that utmp is really set up to record interactive logins that have a > > TTY/PTY assigned. There is AFAIK no real standard for recording > > "service logins" (e.g. sftp or SSH command execution w/o TTY) in utmp > > and many OS utmp

https://bugzilla.mindrot.org/show_bug.cgi?id=2648 Bug ID: 2648 Summary: allow max connections config Product: Portable OpenSSH Version: 7.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

On 30.03.23 22:43, Fran?ois Ouellet wrote: > We need to limit concurrent sftp logins to one per user (because of bad > client behaviour). Is there any way to achieve this I have overlooked? What authentication method(s) do your users use? On our Internet-facing SFTP server, by default (few exceptions), we accept only pubkey auth and require users to (un)install pubkeys through us. In

Set a max-process ulimit in /etc/security/limits.conf (using a group specification). For internal sftp 1, for external 2, I guess.

On Tue, Apr 4, 2023 at 6:10?AM Damien Miller <djm at mindrot.org> wrote: > > On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote: > > > > We've been asked about this a number of times before - the problem is > > > that utmp is really set up to record interactive logins that have a > > > TTY/PTY assigned. There is AFAIK no real standard for recording > >

Hi, Samba 2.2.3a release notes say that utmp is fixed in this version. But doesn't seem to be working with me. I have few of my shares enables with this option and 'utmp directory' is set globally. Am I missing something here ? or this still remains a bug ? regards Amit ------------------------------------------------------------------------------ Amit Deshmukh Graduate Student

re this is a patch against samba-2.2.12p0 and adds support for updating utmp on bsds. code similarly ripped from openbsd's ftpd (; cu -- paranoic mickey (my employers have changed but, the name has remained) --- utmp.c Thu Aug 12 14:24:20 2004 +++ /home/mickey/utmp.c Wed Mar 30 15:51:40 2005 @@ -261,6 +261,7 @@ } #ifndef HAVE_PUTUTLINE +#include <ttyent.h>

Hello, I have Samba 3.0.2a running (within a Sarge Debian installation) and must use utmp logging for some reasons. The following things have been checked: | # testparm | grep utmp [...] | utmp directory = /var/log/samba/ | utmp = Yes | # ls -ld /var/log/samba/ | drwxr-x--- 2 root adm 4096 May 9 06:25 /var/log/samba/ | # smbd -b|grep -i utmp | UTMP Options: |

re i have posted this before but received no response... is there anybod reading on this address? cu ----- Forwarded message (env-from mickey) ----- re this is a patch against samba-2.2.12p0 and adds support for updating utmp on bsds. code similarly ripped from openbsd's ftpd (; cu -- paranoic mickey (my employers have changed but, the name has remained) --- utmp.c Thu Aug 12