On 29.09.21 13:27, Hildegard Meier wrote:
sshd[27049]: Accepted publickey for [REDACTED] from [REDACTED] port 54343 ssh2: RSA SHA256:[REDACTED] sshd[27049]: pam_unix(sshd:session): session opened for user [REDACTED] by (uid=0) sshd[27049]: session opened for local user [REDACTED] from [REDACTED] [postauth] sshd[27049]: sent status No such file [postauth] sshd[27049]: sent status No such file [postauth] sshd[27049]: open "[REDACTED]" flags WRITE,CREATE,TRUNCATE mode 0666 [postauth] sshd[27049]: close "[REDACTED]" bytes read 0 written 5870358 [postauth] sshd[27049]: session closed for local user [REDACTED] from [REDACTED] [postauth] sshd[27049]: pam_unix(sshd:session): session closed for user [REDACTED]Have all sftp log messages from today the prefix sshd[27049]?
No, the PID changes from login to login (and the master "/usr/sbin/sshd -D"'s PID does not show up at all).
(Did I say in previous posts that I took this from /var/log/messages ? Of course *not*, thanks to:
SyslogFacility AUTHPRIV
and CentOS' default syslogd configs, it's all in /var/log/secure .)
Sorry for this question, but [...] You have "ChrootDirectory" set in sshd_config, right? E.g. I have set ChrootDirectory %h
There's a "ChrootDirectory %h" within the "Match group mandanten" block, yes. I also see the cwd as "/" and the group ownerships as "users" in a test login (while the GID is named "mandanten" in the *real* /etc/group ), so the chroot() definitely works. I'd be in HUGE trouble if it didn't. :-3
Regards, -- Jochen Bern Systemingenieur Binect GmbH
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
