[BlueOnyx:24573] Re: Issues with jailed sftp on 5210R

Christoph Schneeberger cschnee at box.telemedia.ch
Wed Dec 9 06:13:59 -05 2020 

+1, confirmed:

I just hung up the phone with a customer that has the very same problem 
on a 5210R since tonite.

Trying now Dirks workaround with "Full Shell Access" (thanks!)

Cheers,
Christoph

On 12/9/20 10:10, Dirk Estenfeld wrote:
>
> Hello,
>
> since the last CentOS8 release update I have a problem with jailed 
> SFTP connections "Chrooted SFTP, SCP and RSYNC" on a server with 
> CentOS8/BO 5210R.
>
> No connection is established. The SFTP client asks if there is a SFTP 
> server on the other side.
>
> SFTP connections of users with unlimited shell access are no problem.
>
> Yes, the server was restarted. Yes, the jailkit.service is running.
>
> Here is an excerpt from the connection log:
>
> Dec  9 10:06:14 orbital7 systemd-logind[1654]: New session 130 of user 
> detest.
>
> Dec  9 10:06:14 orbital7 systemd[1]: Started Session 130 of user detest.
>
> Dec  9 10:06:17 orbital7 jk_chrootsh[25727]: path 
> /home/.sites/site6/home/./users/detest is setgid
>
> Dec  9 10:06:17 orbital7 jk_chrootsh[25727]: path 
> /home/.sites/site6/home/./users/detest is group writable
>
> Dec  9 10:06:17 orbital7 jk_chrootsh[25727]: now entering jail 
> /home/.sites/site6/home for user detest (1156) with arguments -c 
> /usr/libexec/openssh/sftp-server
>
> Dec  9 10:06:17 orbital7 jk_lsh[25727]: jk_lsh version 2.20, started
>
> Dec  9 10:06:17 orbital7 jk_lsh[25727]: executing command 
> '/usr/libexec/openssh/sftp-server' for user detest (1156)
>
> Dec  9 10:06:18 orbital7 systemd-logind[1654]: Session 130 logged out. 
> Waiting for processes to exit.
>
> Dec  9 10:06:18 orbital7 systemd[1]: session-130.scope: Succeeded.
>
> Dec  9 10:06:18 orbital7 systemd-logind[1654]: Removed session 130.
>
> This does not necessarily look like an error message to me.
>
> I have not found any other logs or error messages.
>
> As written, I set the user to "unlimited shell access", then it works.
>
> But the "Chrooted SFTP, SCP and RSYNC" does not work.
>
> Can anyone understand this? Are there any ideas? Is there a fix for it?
>
> Best regards,
>
> Dirk
>
>
> blackpoint GmbH – Friedberger Straße 106b – 61118 Bad Vilbel
>
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20201209/fa1ccbe3/attachment.html>

More information about the Blueonyx mailing list