security/openssh-portable
Jerry McAllister
jerrymc at msu.edu
Tue Mar 11 23:46:50 UTC 2008
On Tue, Mar 11, 2008 at 06:26:51PM -0400, Philip M. Gollucci wrote:
> >>user:*:3000:3000::0:0:F L:/foo/./user:/bin/sh
> >The usual thing is make the shell /bin/nologin
> Hi Jerry, Thanks -- but
> Changed to /usr/sbin/nologin
>
> So thats not in the 'chroot' aka /foo/user/usr/sbin/nologin
Well, you can make your own nologin.
Just copy the other one and make it only executable - not writable.
////jerry
> $ sftp -v -v -v user at devX.domain.tld
> OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_4.7p1-hpn12v20 FreeBSD-openssh-portable-overwrite-base-4.7.p1_1,1
> debug1: match: OpenSSH_4.7p1-hpn12v20
> FreeBSD-openssh-portable-overwrite-base-4.7.p1_1,1 pat OpenSSH*
>
> debug2: channel 0: open confirm rwindow 0 rmax 32768
> Request for subsystem 'sftp' failed on channel 0
>
>
> --
> ------------------------------------------------------------------------
> Philip M. Gollucci (philip at ridecharge.com)
> o:703.549.2050x206
> Senior System Admin - Riderway, Inc.
> http://riderway.com / http://ridecharge.com
> 1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF
>
> Work like you don't need the money,
> love like you'll never get hurt,
> and dance like nobody's watching.
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list