| 1 |
2011/3/1 Naira Kaieski <naira@××××××.br>: |
| 2 |
> Good afternoon, |
| 3 |
> |
| 4 |
> Staff set up openssh to direct users to a certain group members to a chroot |
| 5 |
> environment and these users will have access only to the server using sftp |
| 6 |
> protocol. |
| 7 |
> |
| 8 |
> Put in the sshd_config file: |
| 9 |
> Match Group customers |
| 10 |
> ChrootDirectory% h |
| 11 |
> ForceCommand internal-sftp-l VERBOSE f-AUTH |
| 12 |
> |
| 13 |
> Thus each user is directed to the chroot environment indicated in the |
| 14 |
> variable% h (home directory defined in / etc / passwd) |
| 15 |
> |
| 16 |
> An example of directory is: |
| 17 |
> User: naira |
| 18 |
> Home directory: /var/www/naira.com.br |
| 19 |
> |
| 20 |
> The problem is that I am not able to capture logs of the user group |
| 21 |
> "clients" that are targeted to the chroot environment. Access via |
| 22 |
> internal-sftp from other users who do not belong to the "client" I get the |
| 23 |
> logs in auth.log files. |
| 24 |
> |
| 25 |
> I'm using syslog-ng. |
| 26 |
> |
| 27 |
> Has anyone ever made this kind of setup? |
| 28 |
> |
| 29 |
> Thanks, |
| 30 |
> |
| 31 |
> -- |
| 32 |
> Naira Kaieski |
| 33 |
> Nucleo de Internet/Redes - Faccat |
| 34 |
> Linux Professional Institute - LPI000223834 |
| 35 |
> |
| 36 |
> |
| 37 |
|
| 38 |
Hi! |
| 39 |
|
| 40 |
Actually, I am incompetent at this area, but have you tried this? |
| 41 |
http://groups.google.com/group/comp.security.ssh/browse_thread/thread/ce30a1d9889dc2e2 |
| 42 |
|
| 43 |
Best regards, |
| 44 |
Ivan |
Archives