# I am a newbie when it comes to Linux,
# but I just wanted to post the instructions that I came up with for
installing/configure RSSH on
# RHEL4 in case it can help anyone else out there that is looking to
# provide SFTP access while restricting SSH access.
# This was done on a Minimal install of RHEL4 after the installation of
vsftpd package
cat /etc/redhat-release #RedHat Enterprise Linux ES release 4
# Installing/Configuring RSSH 2.3.2 for RedHat Enterprise Linux ES release 4
# Assumes a mount called /space
mkdir -p /space/chroot/etc/ld.so.conf.d
mkdir -p /space/chroot/usr/libexec/openssh
mkdir -p /space/chroot/lib/tls
mkdir -p /space/chroot/usr/lib
mkdir -p /space/packages
mkdir -p /home
mv /home /space/chroot
ln -s /space/chroot/home /home
ftp 194.199.20.114
#username anonymous
#password <blank>
lcd /space/packages
cd linux/dag/redhat/el4/en/i386/dag/RPMS/
get rssh-2.3.2-1.2.el4.rf.i386.rpm
bye
cd /space/packages
rpm -Uvh rssh-2.3.2-1.2.el4.rf.i386.rpm
vi /etc/rssh.conf
# Uncomment allowsftp
# Uncomment chrootpath
# Change rootpath to /space/chroot
:wq
cp /usr/libexec/openssh/sftp-server
/space/chroot/usr/libexec/openssh/sftp-server
cp /usr/libexec/rssh_chroot_helper
/space/chroot/usr/libexec/rssh_chroot_helper
ldd `which scp`
cp /lib/libcrypto.so.4 /space/chroot/lib/libcrypto.so.4
cp /lib/libutil.so.1 /space/chroot/lib/libutil.so.1
cp /usr/lib/libz.so.1 /space/chroot/usr/lib/libz.so.1
cp /lib/libnsl.so.1 /space/chroot/lib/libnsl.so.1
cp /lib/libcrypt.so.1 /space/chroot/lib/libcrypt.so.1
cp /lib/libselinux.so.1 /space/chroot/lib/libselinux.so.1
cp /usr/lib/libgssapi_krb5.so.2 /space/chroot/usr/lib/libgssapi_krb5.so.2
cp /usr/lib/libkrb5.so.3 /space/chroot/usr/lib/libkrb5.so.3
cp /usr/lib/libk5crypto.so.3 /space/chroot/usr/lib/libk5crypto.so.3
cp /lib/libcom_err.so.2 /space/chroot/lib/libcom_err.so.2
cp /lib/libresolv.so.2 /space/chroot/lib/libresolv.so.2
cp /lib/tls/libc.so.6 /space/chroot/lib/tls/libc.so.6
cp /lib/libdl.so.2 /space/chroot/lib/libdl.so.2
cp /lib/ld-linux.so.2 /space/chroot/lib/ld-linux.so.2
ldd /user/libexec/openssh/sftp-server
ldd /user/libexec/rssh_chroot_helper
# Verify there aren't any additional dependencies
cp /lib/libnss_files.so.* /space/chroot/lib/
cp /lib/libnss_ldap.so.* /space/chroot/lib/
echo /usr/bin/rssh >> /etc/shells
useradd -s /usr/bin/rssh jdoe
passwd jdoe
# Input and verify password
vi /etc/ssh/sshd_config
# Uncomment LoginGraceTime and change to 1m
# Uncomment MaxAuthTries and change to 3
# Uncomment PermitUserEnvironment and change to no
# Uncomment AllowTCPForwarding and change to no
:wq
/etc/rc.d/init.d/sshd restart
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
rssh-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/rssh-discuss
