Hi all. I have installed openssh 5.3 and set up jailed root.
It works almost as I want it to I cant cd to any directory above my ch root.
my config :
entry in passwd:
sshd_conf:
directories:
/users2 owner root:root 755
/users2/test2 owner root:root 755
/users/test2/ftpfiles owner test2:mygroup 755
When I do sftp test2@testhost I enter in /users2/test2 but there I cant write so I have to cd into ftpfiles
Is this the expected behavior? ? I expected to enter directly to a directory where I could write preferably, /users2/test2.
Should I use other options to ChrootDirectory?
Thanks in advance.
/Jan
Last edited by pludi; 11-03-2009 at 05:22 PM..
Reason: code tags, please...
If i were to create a new user for my ftp would chroot be the proper command to set there root directory as the file i've put all my FTP stuff in? Also would that jail them, or would they beable to get out of the set directory? (0 Replies)
Hi!!
I'm currently running AIX 4.3.3 and i'm trying to setup a chroot environment for the users who use SFTP, i spend a lot time SFTW but i can't make it work.
I got openssh3.9p1 whit the chroot patch.
Any help is greatly appreciated. (0 Replies)
HI ,
I am trying to setup chrooted environment on RHEL4, for squid proxy.
I have copied the required libraries and stuff for chroot. Used the below for chroot-shell .
user is squid
# grep squid /etc/passwd
squid:x:500:501::/opt/squid:/bin/chroot-shell
directory trying to jail is... (2 Replies)
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
here is the setup<br/>
sshd_config:
<pre>
Match User sftp
ChrootDirectory /chroot/sftp
</pre>
I connect just fine to the folder
<pre>/chroot/sftp</pre>
However I cannot access the website developer folder due to it being outside the scope of the defined chrootdirectory... (2 Replies)
Hi all,
I'm trying to set up a chroot sftp using OpenSSH.
But I'm still having problems.
I'm using AIX 5.3
My system and OpenSSH version as follows
host1:/>oslevel
5.3.0.0
host1:/>oslevel -r
5300-10
host1:/>ssh -V
OpenSSH_5.0p1, OpenSSL 0.9.8h 28 May 2008
host1:/>lslpp -l | grep open... (2 Replies)
Good day. I currently have a request to have sftp access to a specific directory for a user(s). They can have access to that folder only, and nothing below it.
Now here is the gotcha that seems to be catching me. The folder they need access to is NOT owned by root, and most of the parent... (0 Replies)
Hello Friends,
I am trying the chroot command on a Solaris box (SunOS sx07 5.10 Generic_144489-12 i86pc i386 i86pc) but i am getting an error message
chroot: exec failed: Exec format error
Did any of you folks got this error before .. and how did you guys fix it .. please help me... (2 Replies)
Hi all,
I'm trying to start named in chroot environment manually but i'm getting the following error
bash-3.00# cat /etc/release
Solaris 10 6/06 s10s_u2wos_09a SPARC
Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
Use is... (1 Reply)
Hi all,
I have two doms on my machine. I boot my machine from an rfs in one dom1 and mount the other rfs in the other dom2 at /media. Now I wanted to restrict access of users on dom2 to only their home directories. I do not want them to access any other directories on dom1 or dom2. So I mounted... (2 Replies)
Discussion started by: sai2krishna
2 Replies
LEARN ABOUT DEBIAN
schleuder-newlist
SCHLEUDER-NEWLIST(8)SCHLEUDER-NEWLIST(8)NAME
schleuder-newlist - create new Schleuder mailing list
SYNOPSIS
schleuder-newlist [-c baseconfig] newlist@example.net
[-realname "Foo List"]
[-adminaddress listadmin@example.net]
[-initmember member1@example.net
-initmemberkey path-to-initmember-publickey]
[-privatekeyfile path-to-privatekey
-publickeyfile path-to-publickey
-passphrase "key passphrase"]
[-mailuser schleuder]
[-nointeractive]
DESCRIPTION
schleuder-newlist automates the creation of new Schleuder mailing lists. For more information on Schleuder, please look at schleuder(8).
schleuder-newlist does various input validation, and can generate a key or import one. It will give you as well an easy interface to build
new lists in a scripted manner.
It also supports an interactive mode, with which the user will be prompted for missing mandatory options. The interactive mode can be dis-
abled, using the -nointercative flag; it is automatically disabled if the script isn't run within a valid tty.
If no -privatekeyfile, -publickeyfile and -passphrase are provided, the list will create a new keypair with a random password. The type and
length of the generated keypair is specified in /etc/schleuder/schleuder.conf.
OPTIONS -c path-to-schleuder-configuration:
Specify an alternate configuration directory than the default /etc/schleuder.
-realname "Foo List"
Specify the name of the mailing list.
-adminaddress listadmin@example.net
Specify the email address of a list administrator. This address will be notified of errors, and depending on configuration may also
be allowed to send restricted email commands.
-initmember member1@example.net
Specify the first subscribed list member address. Can be the same as the administrator address. This option must be accompanied by
-initmemberkey.
-initmemberkey path-to-initmember-publickey
Specify the path to first subscribed list member public key. -initmember must also be specified.
-privatekeyfile path-to-privatekey
Specify the path to a previously-generated private key for the list. This option must be accompanied by -publickeyfile and
-passphrase.
-publickeyfile path-to-publickey
Specify the path to a previously-generated public key for the list. This option must be accompanied by -privatekeyfile and
-passphrase.
-passphrase "key passphrase"
Specify the passphrase needed to access the private key specified in -privatekeyfile. This option must be accompanied by -publickey-
file as well.
-mailuser schleuder
Specify the system user account under which schleuder(8) will be executed (when run as root, this defaults to schleuder).
-nointeractive
When specified, no questions will be asked to complete missing information.
EXAMPLES
This creates a new list called test1 with the initial member foo@bar.ch. A new keypair will be generated for the list.
schleuder-newlist foobar@example.org
-realname "bal jak"
-adminaddress admin@example.org
-initmember foo@example.com -initmemberkey /tmp/foo.pub
The list test2 will be created, a keypair from the following files with the passphrase test will be imported.
schleuder-newlist test2@example.com
-realname "bal jak"
-adminaddress foobar@example.org
-privatekeyfile ~/tmp/test2.priv
-publickeyfile /tmp/test2.pub
-passphrase test
FILES
/etc/schleuder/schleuder.conf
global Schleuder configuration
/etc/schleuder/default-list.conf
default list settings
/var/schleuderlists/HOSTNAME/LISTNAME
list internal data
/var/schleuderlists/HOSTNAME/LISTNAME/list.conf
list settings
/var/schleuderlists/HOSTNAME/LISTNAME/members.conf
list susbcribers
All configuration files are formatted as YAML. See http://www.yaml.org/ for more details.
BUGS
Known bugs are listed on the Schleuder website.
SEE ALSO schleuder(8), aliases(5), gnupg(7).
Schleuder website
http://schleuder.nadir.org/
YAML website
http://www.yaml.org/
June 2012 SCHLEUDER-NEWLIST(8)