Hi Lars: Thanks for the info.... we are running this on Solaris 9. We are trying to stand up an OpenSSH SFTP server to integrate with our B2B message hub. The Solaris SSH does not give us the flexibility we want to run it. The other problem we are having is that since we are an 'application group', we are at the direction of the sys admins & corporate security for how we need to implement this. As for your points below: ================== ==> chrooting is being achieved via sshd_config + turn off the SUID root - there is a way around whatever it was using sudoer ==> setuid is the only way we can get this to work ==> this is being run under a 'generic' application ID - NOT ROOT + check that you have created a socket named /dev/log in the chroot hierarchy ==> I think this is my problem - I'll have to research this!!! + check that syslogd, syslog-ng, or whathaveyou is using that socket ==> we are using syslog -> root 5621 1 0 May 12 ? 66:05 /usr/sbin/syslogd Thanks Kevin J. Herman Sr. Systems Analyst EBMX [Electronic Business Message eXchange] ITM - Procurement Systems T/L 776-6793 O/L (248)576-6793 FAX (248)576-2185 CTC E3000-3S2E8 CIMS 483-01-19 LOC/DEPT: 1100-1721 Lars Nooden <lars.curator@xxxxxxxxx> Sent by: listbounce@xxxxxxxxxxxxxxxxx 03/08/2010 05:46 PM To secureshell@xxxxxxxxxxxxxxxxx cc Subject Re: sftp-server logging under chroot & privilege separation On 2010-3-8 7:53 PM, kjh26@xxxxxxxxxxxx wrote: > We are using OpenSSH 5.3p1. > > We are using this to host an SFTP drop-box. We have implemented chroot & > privilege separation. > ... Any ideas? Assuming the chroot is done via sshd_config and not the old way, here are some things to look at: + turn off the SUID root - there is a way around whatever it was using sudoer, + check that you have created a socket named /dev/log in the chroot hierarchy, + check that syslogd, syslog-ng, or whathaveyou is using that socket, + check that the partition where the chroot directory resides is not mounted with the nodev option. "The ChrootDirectory must contain the necessary files and directories to support the user's session ... sessions which use logging do require /dev/log inside the chroot directory http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config "Use of sftp-server in a chroot configuration therefore requires that syslogd(8) establish a logging socket inside the chroot directory. http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server Is that on Solaris, AIX, BSD or Linux? Regards, /Lars