Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH chroot jail problems
Operating Systems Linux Debian SSH chroot jail problems Post 302447098 by SystemEng on Saturday 21st of August 2010 01:01:55 AM
Old 08-21-2010
Hi Pokey


Im having same problems for long..

when it comes to su - user

i get /bin/su : incorrect password

what u mean by setting

userLogin No

where must i specify that

Im using suseLinux 10

Thanks
 

10 More Discussions You Might Find Interesting

1. News, Links, Events and Announcements

More SSH Problems.....

See: http://www.cert.org/advisories/CA-2002-36.html and http://www.rapid7.com/News/pr021216-ssh.html (1 Reply)
Discussion started by: Neo
1 Replies

2. UNIX for Advanced & Expert Users

SSH problems

I am trying to ssh into a remote sun server, however I get X11 forwarding error. I have checked sshd_config file and X11 forwarding is enabled. Also xhost command doesnt give any output, it doesnt even return the prompt.I have to Ctrl C out of the situation. any suggestions anyone?? (1 Reply)
Discussion started by: ysk
1 Replies

3. UNIX for Dummies Questions & Answers

How to start a chroot jail?

I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies

4. UNIX for Advanced & Expert Users

SFTP Jail With Sun SSH Not OpenSSH

Hi all, I have a Solaris 10 server with SUN_SSH_1.1 installed. I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work. ... (2 Replies)
Discussion started by: Donkey25
2 Replies

5. UNIX for Advanced & Expert Users

Chroot jail environment puzzle

I have a simple sandbox program which runs a command as user "nobody" in a chroot jail. It sets resource limits with setrlimit, changes the user id with setuid, changes the root dir with chroot, and then calls exec to execute the command given as command line parameters. It is of course a... (8 Replies)
Discussion started by: john.english
8 Replies

6. Solaris

SSH & SFTP Chroot

Hello all, does anybody knows a procedure to enable an chroot for users using ssh and sftp ? Thanks (1 Reply)
Discussion started by: celord
1 Replies

7. UNIX for Advanced & Expert Users

ssh jail user

I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still... (2 Replies)
Discussion started by: toor13
2 Replies

8. Red Hat

sftp jail chroot env setup

Hi I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area. e.g ftp file are is - /logging/phplogs e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies

9. Solaris

SSH/RSAAuthentication Problems

I'm attempting to setup RSA Authentication for a particular user on two servers. A script runs via crontab, logs into one server and transfers data from the server1 to server2. Another script via cron, runs on server2, connects to server 1 and transfers data to it. However, I'm having issues... (3 Replies)
Discussion started by: Nvizn
3 Replies

10. UNIX for Beginners Questions & Answers

Ssh-keygen problems

For some reason, when I try copying my public key to the server, despite it showing as being successful: rob@linux044:~$ ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/rob/Work/Keys/keys.txt.pub"... (7 Replies)
Discussion started by: Circuits
7 Replies

LEARN ABOUT BSD

rexecd

REXECD(8)						      System Manager's Manual							 REXECD(8)

NAME

       rexecd - remote execution server

SYNOPSIS

       /usr/libexec/rexecd

DESCRIPTION

       Rexecd is the server for the rexec(3) routine.  The server provides remote execution facilities with authentication based on user names and
       passwords.

       Rexecd listens for service requests at the port indicated in the ``exec'' service specification; see services(5).  When a  service  request
       is received the following protocol is initiated:

       1)     The  server reads characters from the socket up to a null (`') byte.  The resultant string is interpreted as an ASCII number, base
	      10.

       2)     If the number received in step 1 is non-zero, it is interpreted as the port number of a secondary stream to be used for the  stderr.
	      A second connection is then created to the specified port on the client's machine.

       3)     A null terminated user name of at most 16 characters is retrieved on the initial socket.

       4)     A null terminated, unencrypted password of at most 16 characters is retrieved on the initial socket.

       5)     A  null  terminated command to be passed to a shell is retrieved on the initial socket.  The length of the command is limited by the
	      upper bound on the size of the system's argument list.

       6)     Rexecd then validates the user as is done at login time and, if the authentication was successful, changes to the user's home direc-
	      tory, and establishes the user and group protections of the user.  If any of these steps fail the connection is aborted with a diag-
	      nostic message returned.

       7)     A null byte is returned on the initial socket and the command line is passed to the normal login	shell  of  the	user.	The  shell
	      inherits the network connections established by rexecd.

DIAGNOSTICS

       Except  for  the last one listed below, all diagnostic messages are returned on the initial socket, after which any network connections are
       closed.	An error is indicated by a leading byte with a value of 1 (0 is returned in step 7 above upon successful  completion  of  all  the
       steps prior to the command execution).

       ``username too long''
       The name is longer than 16 characters.

       ``password too long''
       The password is longer than 16 characters.

       ``command too long ''
       The command line passed exceeds the size of the argument list (as configured into the system).

       ``Login incorrect.''
       No password file entry for the user name existed.

       ``Password incorrect.''
       The wrong was password supplied.

       ``No remote directory.''
       The chdir command to the home directory failed.

       ``Try again.''
       A fork by the server failed.

       ``<shellname>: ...''
       The user's login shell could not be started.  This message is returned on the connection associated with the stderr, and is not preceded by
       a flag byte.

SEE ALSO

       rexec(3)

BUGS

       Indicating ``Login incorrect'' as opposed to ``Password incorrect'' is a security breach which allows people to probe a	system	for  users
       with null passwords.

       A facility to allow all data and password exchanges to be encrypted should be present.

4.2 Berkeley Distribution					 November 16, 1996							 REXECD(8)
All times are GMT -4. The time now is 10:45 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy