Re: SSH Jail

2003-07-31 Thread Ehud Karni
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 31 Jul 2003 23:37:13 +0200, Moshe Shemesh <[EMAIL PROTECTED]> wrote: > > Doing chmod +s /uusr/sbin/chroot will simply break the security on your > system. For example (as a non root user) do: > chroot / cat /etc/shadow. > > Gettin

Re: SSH Jail

2003-07-31 Thread Moshe Shemesh
Karni" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 7:18 PM Subject: Re: SSH Jail > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Thu, 31 Jul 2003 13:39:31 +0300 (IDT), Chaim Ke

Re: SSH Jail

2003-07-31 Thread Oded Arbel
On Thursday 31 July 2003 20:18, Ehud Karni wrote: > On Thu, 31 Jul 2003 13:39:31 +0300 (IDT), Chaim Keren Tzion <[EMAIL PROTECTED]> wrote: > > I am intending that sftp will be used for the file transfer. The problem > > is that once I create the account that will use sftp it automatically has > >

Re: SSH Jail

2003-07-31 Thread Ehud Karni
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 31 Jul 2003 13:39:31 +0300 (IDT), Chaim Keren Tzion <[EMAIL PROTECTED]> wrote: > > I am intending that sftp will be used for the file transfer. The problem > is that once I create the account that will use sftp it automatically has > the abili

Re: SSH Jail

2003-07-31 Thread Oleg Goldshmidt
Yedidyah Bar-David <[EMAIL PROTECTED]> writes: > On Thu, Jul 31, 2003 at 02:48:17PM +0300, Chaim Keren Tzion wrote: > > > > You are right, I meant /bin/false. I tried /sbin/nologon and /bin/true but > > couldn't login to sftp with either. > > You probably need to add it to /etc/shells. > But ot

Re: SSH Jail

2003-07-31 Thread Yedidyah Bar-David
On Thu, Jul 31, 2003 at 02:48:17PM +0300, Chaim Keren Tzion wrote: > > You are right, I meant /bin/false. I tried /sbin/nologon and /bin/true but > couldn't login to sftp with either. You probably need to add it to /etc/shells. But other people offered better solutions, I think. -- Didi =

Re: SSH Jail

2003-07-31 Thread Moshe Shemesh
raz-x - Original Message - From: "Moshe Shemesh" <[EMAIL PROTECTED]> To: "Chaim Keren Tzion" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 1:08 PM Subject: Re: SSH Jail > Hi Chaim, > > Give the full path name of the sftp-se

Re: SSH Jail

2003-07-31 Thread Chaim Keren Tzion
You are right, I meant /bin/false. I tried /sbin/nologon and /bin/true but couldn't login to sftp with either. On 31 Jul 2003, Oleg Goldshmidt wrote: > Chaim Keren Tzion <[EMAIL PROTECTED]> writes: > > > I am intending that sftp will be used for the file transfer. The problem > > is that once

RE: SSH Jail

2003-07-31 Thread Tzahi Fadida
L PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: SSH Jail > > > Hello Chaim, > > Perhaps you should try this out: > http://www.penguin.org.il/guides/chrooting-services/4.html#4 > > +Katriel > > > Shalom, > > > > I need to set up an FTP server or an

Re: SSH Jail

2003-07-31 Thread Moshe Shemesh
Sent: Thursday, July 31, 2003 12:39 PM Subject: Re: SSH Jail > > I am intending that sftp will be used for the file transfer. The problem > is that once I create the account that will use sftp it automatically has > the ability to log in with ssh and wander around the system. I would

Re: SSH Jail

2003-07-31 Thread Tzafrir Cohen
On Thu, Jul 31, 2003 at 12:57:29PM +0300, Chaim Keren Tzion wrote: > Shalom, > > I need to set up an FTP server or an account that will use SSH for a user > outside of our organization that needs to send us data. They haven't been > able to successfully set one up on their end. I would like to avo

Re: SSH Jail

2003-07-31 Thread Oleg Goldshmidt
Chaim Keren Tzion <[EMAIL PROTECTED]> writes: > I am intending that sftp will be used for the file transfer. The problem > is that once I create the account that will use sftp it automatically has > the ability to log in with ssh and wander around the system. I would like > to limit the users abil

Re: SSH Jail

2003-07-31 Thread katriel
Hello Chaim, Perhaps you should try this out: http://www.penguin.org.il/guides/chrooting-services/4.html#4 +Katriel > Shalom, > > I need to set up an FTP server or an account that will use SSH for a > user outside of our organization that needs to send us data. They > haven't been able to succes

Re: SSH Jail

2003-07-31 Thread Chaim Keren Tzion
I am intending that sftp will be used for the file transfer. The problem is that once I create the account that will use sftp it automatically has the ability to log in with ssh and wander around the system. I would like to limit the users ability to travel ouside of the home directoy and to execu

Re: SSH Jail

2003-07-31 Thread Moshe Shemesh
Hi Chaim, Did you consider using sftp-server ? It's ftp server running on top of SSH. you will need sftp clint to access it. Moshe Shemesh Liraz-x - Original Message - From: "Chaim Keren Tzion" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 11:57 AM Subjec