jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Filezilla and jailkit + changeing passwords

From: aaronrus
Subject: Re: [Jailkit-users] Filezilla and jailkit + changeing passwords
Date: Sat, 18 Dec 2010 06:05:23 +0000 (UTC)
FileZilla issue resolved. After looking at the log files I realized jk_lsh.ini was not allowing the sftp-server to run. What I found out is there are two sftp-server files well one of them is a symlink. One at /usr/lib/sftp-server and the other at /usr/lib/openssh/sftp-server the default in jk_lsh.ini was pointed to what appeared to be the correct location but FileZilla would not work. I resolved the issue by change the path to /usr/lib/openssh/sftp-server in jk_lsh.ini

On a second note regarding shadowed passwords. Seeing it's not possible for users to change there password directly could a helper program be developed to store a users encrypted password in the jail until a cron program outside the jail reads the encrypted password and inserts it in the real shadow file.

Thanks for your help.
Aaron

----- Original Message -----
From: "Olivier Sessink" <address@hidden>
To: address@hidden
Sent: Friday, December 17, 2010 9:53:50 AM
Subject: Re: [Jailkit-users] Filezilla and jailkit + changeing passwords

On 12/17/2010 07:20 AM, address@hidden wrote:
> I've setup jailkit and have a working system. I can SCP files to the
> jail but can not use filezilla to SFTP. SFTP is configured in the
> jk_lsh.ini in the jail. If I change the jail login shell to bash I can
> use filezilla and still be in the jail.
>
> 1) What needs to be done to make the jk_lsh shell work with filezilla?

I don't know filezilla, but for example in winscp you need the option
'SFTP only' to make it work. Otherwise winscp will try to start a
regular shell first.

what is the error in the logs? (be sure that you have enabled logging
inside your jail)

> 2) On a different note when using bash in the jail users can't change
> there password. Ive tried copying /usr/bin/passwd and its librarys to
> the jail but I get an error message passwd: pam_start() failed, error 26
> when trying to use it in the jail. Seeing the password management is
> maintained outside the jail how can I allow users to change there passwords?

this will work for example if you have your passwords in ldap. Not if
your passwords are in /etc/shadow, because /etc/shadow is not available
in the jail.

Olivier

--
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/

_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users
reply via email to
[Prev in Thread] Current Thread [Next in Thread]