From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PupVW-0007vQ-GW for garchives@archives.gentoo.org; Wed, 02 Mar 2011 17:06:38 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 369F01C013; Wed, 2 Mar 2011 17:05:20 +0000 (UTC) Received: from mail-iw0-f181.google.com (mail-iw0-f181.google.com [209.85.214.181]) by pigeon.gentoo.org (Postfix) with ESMTP id 0FB3AE06B0 for ; Wed, 2 Mar 2011 17:05:19 +0000 (UTC) Received: by iwn2 with SMTP id 2so164561iwn.40 for ; Wed, 02 Mar 2011 09:05:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type:content-transfer-encoding; bh=0XW1GON7sz7wg3+9b+fTGuGZ7a4MvZJPu/y9I1LUNTY=; b=d4Yx7/KzNUVe23gGZZhK0gVPRE4FDhcq4Dg7RIVGEQjOPWop1DiNcBncFqm/Gn6saB g6CGtQSRxwDMpp1IRrRrrOiP6cmOHbbjRVc+xnKouC0LDNgnrd64qmCke/DwapTM1Iad NMWByo2hTGxy+K4W+Gmx17BBuRqQslLuowvSw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=QHQWLtSeNV1Y/AW6Uxl3BqxWlFHL5J++GY+A+WaTea6Azh6z19XwttEPgq4SvdYwqW Bu1JTK7RvWEktt3ZvzjdRbm5GPeukCPVWQagj754qpXXB3fIL1p2CxZ4FKzAhPPO89I+ VxqZZKzJUQETPh9GI60WWVpUb3CicZFjhXZlc= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.42.178.1 with SMTP id bk1mr114037icb.488.1299085519504; Wed, 02 Mar 2011 09:05:19 -0800 (PST) Received: by 10.42.218.73 with HTTP; Wed, 2 Mar 2011 09:05:19 -0800 (PST) In-Reply-To: <4D6D18CD.7020909@faccat.br> References: <4D6D18CD.7020909@faccat.br> Date: Wed, 2 Mar 2011 20:05:19 +0300 Message-ID: Subject: Re: [gentoo-user] internal-sftp and logs files From: Ivan Kharlamov To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: bfca31f3309dae9a03e57e98d43dbef9 2011/3/1 Naira Kaieski : > Good afternoon, > > Staff set up openssh to direct users to a certain group members to a chro= ot > environment and these users will have access only to the server using sft= p > protocol. > > Put in the sshd_config file: > Match Group customers > =A0 =A0ChrootDirectory% h > =A0 =A0ForceCommand internal-sftp-l VERBOSE f-AUTH > > Thus each user is directed to the chroot environment indicated in the > variable% h (home directory defined in / etc / passwd) > > An example of directory is: > User: naira > Home directory: /var/www/naira.com.br > > The problem is that I am not able to capture logs of the user group > "clients" that are targeted to the chroot environment. Access via > internal-sftp from other users who do not belong to the "client" I get th= e > logs in auth.log files. > > I'm using syslog-ng. > > Has anyone ever made this kind of setup? > > Thanks, > > -- > Naira Kaieski > Nucleo de Internet/Redes - Faccat > Linux Professional Institute - LPI000223834 > > Hi! Actually, I am incompetent at this area, but have you tried this? http://groups.google.com/group/comp.security.ssh/browse_thread/thread/ce30a= 1d9889dc2e2 Best regards, Ivan