jailkit-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Jailkit-dev] [bug #60178] sftp account is not limited at all on CentOS

From: Olivier Sessink
Subject: [Jailkit-dev] [bug #60178] sftp account is not limited at all on CentOS 8
Date: Sat, 6 Mar 2021 03:12:50 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0 
Follow-up Comment #3, bug #60178 (project jailkit):

thanks for the extensive info.

it seems that your system does not use /var/log/auth.log to do authorisation
logging, but your system does have journalctl. 

journalctl |grep jk_chrootsh

will tell you if jk_chrootsh is actually started.

what could be useful is to follow the logs while you log in with either ssh or
sftp and look at the differences:

journalctl -f |grep jk_

There is a possibility that your ssh daemon is configured not to start a shell
for sftp, but to handle sftp internally. If it is, it will bypass jk_chrootsh.
I'm not sure what the confuguration option is, but look at
/etc/ssh/sshd_config for specific sftp options.

    _______________________________________________________

Reply to this item at:

  <https://savannah.nongnu.org/bugs/?60178>

_______________________________________________
  Message sent via Savannah
  https://savannah.nongnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]