codecommander
Programmer
Hi all,
my problem is the ftp behaviour on my server. Since Im running
vsftpd, the user, who are allowed to connect are chrooted to
their home-directories, which in turn is very convenient.
But if a user connects via ssh2 tunnel to my server (dsa-key-pair),
he is not longer chrooted, but is able to run wild, within the
servers directory tree.
First I presumed this could be because the vsftpd might be confused
of the source IP-Adress coming from localhost since the tunnel start
at localhost on the users mashine.
But even when I start ftp 127.0.0.1 on my servers comandline the STIN
is handed over to vsftpd (from the sftp-server subsystem I think),
which captures me within my home directory as it should.
The user has no shell like /bin/sh or /bin/bash, but the ftp-subsystem
/usr/libexec/openssh/sftp-server
What I dont understand is the behaviour of this subsystem. Is it possible
that the user using the ssh-tunnel is not handed to vsftpd, but to sftpd.
In addition there are no log-entries in the vsftpd.log file when using
the tunnel.
Is there a possibility to change the configuration of this
/usr/libexec/openssh/sftp-server thing?
hope somebody can help or has I link to more informations
regards markus
my problem is the ftp behaviour on my server. Since Im running
vsftpd, the user, who are allowed to connect are chrooted to
their home-directories, which in turn is very convenient.
But if a user connects via ssh2 tunnel to my server (dsa-key-pair),
he is not longer chrooted, but is able to run wild, within the
servers directory tree.
First I presumed this could be because the vsftpd might be confused
of the source IP-Adress coming from localhost since the tunnel start
at localhost on the users mashine.
But even when I start ftp 127.0.0.1 on my servers comandline the STIN
is handed over to vsftpd (from the sftp-server subsystem I think),
which captures me within my home directory as it should.
The user has no shell like /bin/sh or /bin/bash, but the ftp-subsystem
/usr/libexec/openssh/sftp-server
What I dont understand is the behaviour of this subsystem. Is it possible
that the user using the ssh-tunnel is not handed to vsftpd, but to sftpd.
In addition there are no log-entries in the vsftpd.log file when using
the tunnel.
Is there a possibility to change the configuration of this
/usr/libexec/openssh/sftp-server thing?
hope somebody can help or has I link to more informations
regards markus