Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: secure sftp login not working in RedHat Linux
Top Forums UNIX for Advanced & Expert Users secure sftp login not working in RedHat Linux Post 302711159 by asyed on Friday 5th of October 2012 12:41:12 PM
Old 10-05-2012
Ok. I'm adding more details for your review here:

Firstly, entries in sshd_config are:

Code:
cat /etc/ssh/sshd_config
#       $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication mechanism.
# Depending on your PAM configuration, this may bypass the setting of
# PasswordAuthentication, PermitEmptyPasswords, and
# "PermitRootLogin without-password". If you just want the PAM account and
# session checks to run without PAM authentication, then enable this but set
# ChallengeResponseAuthentication=no
UsePAM no
#UsePAM yes

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
ClientAliveInterval 60
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner /some/path
# override default of no subsystems

#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem sftp internal-sftp

Match Group sftpusers
        ChrootDirectory /assure0/test/%u
        AllowTCPForwarding no
        X11Forwarding no
        ForceCommand internal-sftp

And, permissions on that directory are as below:

Code:
drwxr-xr-x   6 root root   4096 Oct  4 01:12 assure0

drwxr-xr-x 26 root     root      4096 Oct  3 21:28 test

drwxr-xr-x 2 abdul        sftpusers 4096 Oct  1 00:00 abdul

---------- Post updated at 10:11 PM ---------- Previous update was at 10:06 PM ----------

Also, there are no mounts or soft links in any of these directories

I'm able to successfully login to the sftp accounts which don't belong to sftpusers group

So, this issue is for specific users in sftpusers group, whom I want to restrict the access to one particular directory
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

changing login prompt on redhat

Hi... Can anyone help! I am in dire need to change the "login:" prompt to "username:" any ideas? Thanks in advance :) (6 Replies)
Discussion started by: juilan
6 Replies

2. Shell Programming and Scripting

f-secure sftp in shell script

Hi, I am trying to use sftp in a ksh - Shell script, but not even a simple script like this returns not output: sftp username@remotehost <<END ls END If I do something like this: sftp username@remotehost <<END | tee logfile ls END I get this error message: Warning: tcgetattr... (1 Reply)
Discussion started by: friand
1 Replies

3. Solaris

password less login from openssh to SSH Secure Shell 3.0.1 Sun solaris 7

Hi, I would like to login from a Sun server running ssh: Sun_SSH_1.1, SSH protocols 1.5/2.0, OpenSSL 0x0090704f to ssh: SSH Secure Shell 3.0.1 on sparc-sun-solaris2.6 How can I achieve this? Thanks a million in advance (1 Reply)
Discussion started by: newbewie
1 Replies

4. Red Hat

pny adp648tm-50 memory not working with redhat linux

I had two high speed 1gb mem installed on my primary mem slots. When i tried to add two PNY adp648tm-50 mem, 1gb each on the two empty mem slots, it didn't work. However both the old and the pny mem by themselves work and the system boot up, but fails if I put all the memories in there. Any... (0 Replies)
Discussion started by: return_user
0 Replies

5. UNIX for Advanced & Expert Users

Sftp working on Linux but error on HP UX

Hi the below two line in my sh work fine in Linux but when I run it in HP UX it throws error saying "No such file or directory (-)." can anyone pleas let me know what is wrong. Any help is appreciated. INPUTFILE="$(echo ls -1t | sftp -b- $SFTPSERVER:$SFTPDIR |grep ^LK| head -1)" echo... (1 Reply)
Discussion started by: murtymvvs
1 Replies

6. Shell Programming and Scripting

Transfer files from linux server to windows using secure ftp (sftp)

HI, I have to transfer files from linux server to windows using secure ftp (sftp) .Kindly help me out. (3 Replies)
Discussion started by: manushi88
3 Replies

7. Red Hat

Login failed in Redhat Enterprise 6.2

When i finished installation the Redhat Enterprise Linux 6.2, and login to the system, I can't login although username: root and Password correct. I install on the Hp Blade Server. I don't know why. How to fix this error? who can help me? :confused: Thanks! (3 Replies)
Discussion started by: dinhdangnd
3 Replies

8. Red Hat

Chroot sftp users, remote sftp login shows wrong timestamp on files

Hello, I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration. #pwd... (8 Replies)
Discussion started by: bobby320
8 Replies

9. Red Hat

SFTP User creation in Redhat Linux/UNIX

SFTP user creation step… Create a group # groupadd sftp_users If the users doesn’t exist on system , use below command : # useradd -G sftp_users -s /sbin/nologin username # passwd username For already existing users , use below usermod command : # usermod –G... (1 Reply)
Discussion started by: taherahmed
1 Replies

10. UNIX for Advanced & Expert Users

Only root could login Redhat and could not su other user

Anyone has met the error following:- 1. Only root could login Redhat 2. Trying su another user by root, the error will be su: warning: cannot change directory to /home/user: permission denied su: /bin/bash: permission denied 3. I have checked the permission of the folder given and even... (2 Replies)
Discussion started by: jc0616
2 Replies
All times are GMT -4. The time now is 12:32 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy