1 |
2011/3/1 Naira Kaieski <naira@××××××.br>: |
2 |
> Good afternoon, |
3 |
> |
4 |
> Staff set up openssh to direct users to a certain group members to a chroot |
5 |
> environment and these users will have access only to the server using sftp |
6 |
> protocol. |
7 |
> |
8 |
> Put in the sshd_config file: |
9 |
> Match Group customers |
10 |
> ChrootDirectory% h |
11 |
> ForceCommand internal-sftp-l VERBOSE f-AUTH |
12 |
> |
13 |
> Thus each user is directed to the chroot environment indicated in the |
14 |
> variable% h (home directory defined in / etc / passwd) |
15 |
> |
16 |
> An example of directory is: |
17 |
> User: naira |
18 |
> Home directory: /var/www/naira.com.br |
19 |
> |
20 |
> The problem is that I am not able to capture logs of the user group |
21 |
> "clients" that are targeted to the chroot environment. Access via |
22 |
> internal-sftp from other users who do not belong to the "client" I get the |
23 |
> logs in auth.log files. |
24 |
> |
25 |
> I'm using syslog-ng. |
26 |
> |
27 |
> Has anyone ever made this kind of setup? |
28 |
> |
29 |
> Thanks, |
30 |
> |
31 |
> -- |
32 |
> Naira Kaieski |
33 |
> Nucleo de Internet/Redes - Faccat |
34 |
> Linux Professional Institute - LPI000223834 |
35 |
> |
36 |
> |
37 |
|
38 |
Hi! |
39 |
|
40 |
Actually, I am incompetent at this area, but have you tried this? |
41 |
http://groups.google.com/group/comp.security.ssh/browse_thread/thread/ce30a1d9889dc2e2 |
42 |
|
43 |
Best regards, |
44 |
Ivan |