|
|
Sponsored Content
Operating Systems
Linux
Debian
SSH chroot jail problems
Post 302412911 by pokey144 on Wednesday 14th of April 2010 01:41:45 AM
04-14-2010
|
|
10 More Discussions You Might Find Interesting
1. News, Links, Events and Announcements
See:
http://www.cert.org/advisories/CA-2002-36.html
and
http://www.rapid7.com/News/pr021216-ssh.html (1 Reply)
Discussion started by: Neo
1 Replies
2. UNIX for Advanced & Expert Users
I am trying to ssh into a remote sun server, however I get X11 forwarding error. I have checked sshd_config file and X11 forwarding is enabled.
Also xhost command doesnt give any output, it doesnt even return the prompt.I have to Ctrl C out of the situation. any suggestions anyone?? (1 Reply)
Discussion started by: ysk
1 Replies
3. UNIX for Dummies Questions & Answers
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have a Solaris 10 server with SUN_SSH_1.1 installed.
I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work.
... (2 Replies)
Discussion started by: Donkey25
2 Replies
5. UNIX for Advanced & Expert Users
I have a simple sandbox program which runs a command as user "nobody" in a chroot jail. It sets resource limits with setrlimit, changes the user id with setuid, changes the root dir with chroot, and then calls exec to execute the command given as command line parameters. It is of course a... (8 Replies)
Discussion started by: john.english
8 Replies
6. Solaris
Hello all, does anybody knows a procedure to enable an chroot for users using ssh and sftp ? Thanks (1 Reply)
Discussion started by: celord
1 Replies
7. UNIX for Advanced & Expert Users
I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still... (2 Replies)
Discussion started by: toor13
2 Replies
8. Red Hat
Hi
I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area.
e.g ftp file are is - /logging/phplogs
e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies
9. Solaris
I'm attempting to setup RSA Authentication for a particular user on two servers. A script runs via crontab, logs into one server and transfers data from the server1 to server2. Another script via cron, runs on server2, connects to server 1 and transfers data to it. However, I'm having issues... (3 Replies)
Discussion started by: Nvizn
3 Replies
10. UNIX for Beginners Questions & Answers
For some reason, when I try copying my public key to the server, despite it showing as being successful:
rob@linux044:~$ ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/rob/Work/Keys/keys.txt.pub"... (7 Replies)
Discussion started by: Circuits
7 Replies
LEARN ABOUT SUSE
scp
SCP(1) BSD General Commands Manual SCP(1) NAME
scp -- secure copy (remote file copy program) SYNOPSIS
scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] [-l limit] [-o ssh_option] [-P port] [-S program] [[user@]host1:]file1 ... [[user@]host2:]file2 DESCRIPTION
scp copies files between hosts on a network. It uses ssh(1) for data transfer, and uses the same authentication and provides the same secu- rity as ssh(1). Unlike rcp(1), scp will ask for passwords or passphrases if they are needed for authentication. File names may contain a user and host specification to indicate that the file is to be copied to/from that host. Local file names can be made explicit using absolute or relative pathnames to avoid scp treating file names containing ':' as host specifiers. Copies between two remote hosts are also permitted. The options are as follows: -1 Forces scp to use protocol 1. -2 Forces scp to use protocol 2. -4 Forces scp to use IPv4 addresses only. -6 Forces scp to use IPv6 addresses only. -B Selects batch mode (prevents asking for passwords or passphrases). -C Compression enable. Passes the -C flag to ssh(1) to enable compression. -c cipher Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh(1). -F ssh_config Specifies an alternative per-user configuration file for ssh. This option is directly passed to ssh(1). -i identity_file Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh(1). -l limit Limits the used bandwidth, specified in Kbit/s. -o ssh_option Can be used to pass options to ssh in the format used in ssh_config(5). This is useful for specifying options for which there is no separate scp command-line flag. For full details of the options listed below, and their possible values, see ssh_config(5). AddressFamily BatchMode BindAddress ChallengeResponseAuthentication CheckHostIP Cipher Ciphers Compression CompressionLevel ConnectionAttempts ConnectTimeout ControlMaster ControlPath GlobalKnownHostsFile GSSAPIAuthentication GSSAPIDelegateCredentials HashKnownHosts Host HostbasedAuthentication HostKeyAlgorithms HostKeyAlias HostName IdentityFile IdentitiesOnly KbdInteractiveDevices LogLevel MACs NoHostAuthenticationForLocalhost NumberOfPasswordPrompts PasswordAuthentication PKCS11Provider Port PreferredAuthentications Protocol ProxyCommand PubkeyAuthentication RekeyLimit RhostsRSAAuthentication RSAAuthentication SendEnv ServerAliveInterval ServerAliveCountMax StrictHostKeyChecking TCPKeepAlive UsePrivilegedPort User UserKnownHostsFile VerifyHostKeyDNS -P port Specifies the port to connect to on the remote host. Note that this option is written with a capital 'P', because -p is already reserved for preserving the times and modes of the file in rcp(1). -p Preserves modification times, access times, and modes from the original file. -q Quiet mode: disables the progress meter as well as warning and diagnostic messages from ssh(1). -r Recursively copy entire directories. Note that scp follows symbolic links encountered in the tree traversal. -S program Name of program to use for the encrypted connection. The program must understand ssh(1) options. -v Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging connection, authentication, and configuration problems. The scp utility exits 0 on success, and >0 if an error occurs. SEE ALSO
rcp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5), sshd(8) HISTORY
scp is based on the rcp(1) program in BSD source code from the Regents of the University of California. AUTHORS
Timo Rinne <tri@iki.fi> Tatu Ylonen <ylo@cs.hut.fi> BSD
February 8, 2010 BSD