I am having the problem on Solaris 9 using OpenSSH 4.7p1 that I can't
seem to make a valid connection. I've used the script (modified for my
file system) found in the discussion labeled "chroot() failed, 2: Not
Owner"
http://sourceforge.net/mailarchive/forum.php?thread_name=2B2E102A5843024EB001F3419527C546013B9AF5%40ushrm232.amer.corp.eds.com&forum_name=rssh-discuss
I was originally having that problem as well, but setting suid on
/usr/local/libexec/rssh_chroot_helper seemed to eliminate that problem.
Other than that, I'm not really sure what is happening. Looking at the
log, it doesn't show any more errors but I just get kicked out. I think
I have all files necessary to run in my chroot. Here is a listing of
files and permissions found in my chroot:
.:
total 14
drwxr-xr-x 11 root fdusers 512 Feb 22 10:09 ./
drwxr-xr-x 6 root other 512 Jan 15 12:34 ../
drwxr-xr-x 2 root other 512 Feb 22 10:09 bin/
drwxr-x--- 4 psoft fdusers 512 Jan 15 12:40 depts/
drwxr-xr-x 2 root other 512 Feb 22 10:09 dev/
drwxr-xr-x 2 root other 512 Feb 22 10:09 etc/
drwxr-xr-x 3 root other 512 Feb 22 10:07 home/
-rwxr--r-- 1 root other 2760 Feb 22 10:09 jailer*
drwxr-xr-x 3 root other 512 Feb 22 10:09 opt/
drwx------ 4 usertst1 css 512 Jan 25 16:02 usertst1/
drwx------ 2 usertst2 css 512 Feb 12 13:53 usertst2/
drwxr-xr-x 6 root other 512 Feb 22 10:09 usr/
./bin:
-r-xr-xr-x 1 root bin 209276 Oct 19 2006 ksh*
-r-xr-xr-x 1 root bin 4504 Apr 6 2002 pwd*
./dev:
-rw-rw-rw- 1 root sys 0 Feb 22 09:49 null
./etc:
-r--r--r-- 1 root sys 1015 Feb 22 10:07 passwd
./usr:
drwxr-xr-x 2 root other 512 Feb 22 10:09 bin/
drwxr-xr-x 2 root other 512 Feb 22 10:09 lib/
drwxr-xr-x 6 root other 512 Feb 22 10:09 local/
drwxr-xr-x 3 root other 512 Feb 22 10:09 platform/
./usr/bin:
-r-xr-xr-x 1 root bin 209276 Oct 19 2006 ksh*
-r-xr-xr-x 1 root bin 13376 Aug 5 2007 ldd*
./usr/lib:
-rwxr-xr-x 1 root bin 231076 Aug 5 2007 ld.so.1*
-rwxr-xr-x 1 root bin 52308 Nov 21 2003 libaio.so.1*
-rwxr-xr-x 1 root bin 867616 Dec 14 16:41 libc.so.1*
-rwxr-xr-x 1 root bin 22920 Apr 6 2002 libcmd.so.1*
-rwxr-xr-x 1 root bin 4400 Aug 5 2007 libdl.so.1*
-rwxr-xr-x 1 root bin 160340 Aug 5 2007 libelf.so.1*
-rwxr-xr-x 1 root bin 11448 Apr 6 2002 libmd5.so.1*
-rwxr-xr-x 1 root bin 21676 Apr 6 2002 libmp.so.2*
-rwxr-xr-x 1 root bin 744524 Oct 26 10:11 libnsl.so.1*
-rwxr-xr-x 1 root bin 316552 Sep 20 11:13 libresolv.so.2*
-rwxr-xr-x 1 root bin 35884 Nov 21 2003 librt.so.1*
-rwxr-xr-x 1 root bin 23920 Apr 6 2002 libsecdb.so.1*
-rwxr-xr-x 1 root bin 58504 Apr 6 2002 libsocket.so.1*
./usr/local:
drwxr-xr-x 2 root other 512 Feb 22 10:09 bin/
drwxr-xr-x 2 root other 512 Feb 22 10:09 lib/
drwxr-xr-x 2 root other 512 Feb 22 10:09 libexec/
drwxr-xr-x 3 root other 512 Feb 22 10:09 ssl/
./usr/local/bin:
-rwxr-xr-x 1 root bin 77964 Nov 15 2006 pwd*
-rwxr-xr-x 1 root bin 28064 Jan 11 21:42 rssh*
-rwxr-xr-x 1 root bin 137392 Oct 19 21:14 scp*
./usr/local/lib:
-rw-r--r-- 1 root bin 171544 Oct 8 2006 libgcc_s.so.1
-rwxr-xr-x 1 root bin 84736 Aug 1 2005 libz.so*
./usr/local/libexec:
-rwxr-xr-x 1 root bin 27364 Jan 11 21:42 rssh_chroot_helper*
-rwsr-xr-x 1 root bin 124852 Oct 19 21:14 sftp-server*
./usr/local/ssl:
drwxr-xr-x 2 root other 512 Feb 22 10:09 lib/
./usr/local/ssl/lib:
-r-xr-xr-x 1 root bin 1603912 Oct 19 03:39 libcrypto.so.0.9.8*
./usr/platform:
drwxr-xr-x 3 root other 512 Feb 22 10:09 SUNW,Sun-Blade-1500/
./usr/platform/SUNW,Sun-Blade-1500:
drwxr-xr-x 2 root other 512 Feb 22 10:09 lib/
./usr/platform/SUNW,Sun-Blade-1500/lib:
-rwxr-xr-x 1 root bin 4504 Sep 15 2003 libc_psr.so.1*
-rwxr-xr-x 1 root bin 11464 Sep 15 2003 libmd5_psr.so.1*
And here is the log file when making a connection:
Feb 22 10:18:17 porter sshd[1604]: [ID 800047 auth.info] Connection from 10.84.43.50 port 1663
Feb 22 10:18:18 porter sshd[1604]: [ID 800047 auth.info] Failed none for usertst1 from 10.84.43.50 port 1663 ssh2
Feb 22 10:18:18 porter sshd[1604]: [ID 800047 auth.info] Failed publickey for usertst1 from 10.84.43.50 port 1663 ssh2
Feb 22 10:18:20 porter sshd[1604]: [ID 800047 auth.info] Accepted keyboard-interactive/pam for usertst1 from 10.84.43.50 port 1663 ssh2
Feb 22 10:18:20 porter sshd[1607]: [ID 800047 auth.info] subsystem request for sftp
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 daemon.info] setting log facility to LOG_USER
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 user.info] allowing scp to all users
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 user.info] allowing sftp to all users
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 user.info] setting umask to 022
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 user.info] chrooting all users to /opt/psoft/users
Feb 22 10:18:20 porter rssh[1608]: [ID 702911 user.info] chroot cmd line: /usr/local/libexec/rssh_chroot_helper 2 "/usr/local/libexec/sftp-server"
Feb 22 10:18:20 porter sshd[1607]: [ID 800047 auth.info] Connection closed by 10.84.43.50
Feb 22 10:18:20 porter sshd[1607]: [ID 800047 auth.info] Closing connection to 10.84.43.50
And finally, here are the only five uncommented lines in my
/usr/local/etc/rssh.conf:
logfacility = LOG_USER
allowscp
allowsftp
umask = 022
chrootpath = /opt/psoft/users
Any ideas??
Thanks,
Russ Oliver
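
A check that can be run over a jail laid out like the listing above, added here as an example and not part of the original post or of rssh. The function names and the choice of checks (device node type, presence of named paths, setuid/setgid and world-writable files) are assumptions about what is worth verifying, not a diagnosis; it needs a POSIX shell (ksh or bash on Solaris 9 rather than the legacy /bin/sh).

```shell
#!/bin/sh
# Added example (not from the original post): audit a chroot jail directory.
# Usage: audit_jail JAIL PATH...   PATHs are written as seen from inside the jail.
# Prints one line per finding and returns the number of findings (0 = clean).

flag() { echo "FINDING: $1"; n=$((n + 1)); }

# Run find with the given predicates under $jail and flag every match.
flag_matches() {
    label=$1; shift
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        flag "$label: $f"
    done <<EOF
$(find "$jail" -type f "$@" -print)
EOF
}

audit_jail() {
    jail=$1; shift
    n=0

    # /dev/null inside the jail should be a character device, not a plain file.
    [ -c "$jail/dev/null" ] || flag "$jail/dev/null is not a character device"

    # Every path the caller names must exist inside the jail.
    for p in "$@"; do
        [ -e "$jail$p" ] || flag "missing in jail: $p"
    done

    # setuid/setgid files in a jail should be there on purpose.
    flag_matches "setuid/setgid file" \( -perm -4000 -o -perm -2000 \)

    # World-writable regular files can be modified by any jailed user.
    flag_matches "world-writable file" -perm -0002

    return "$n"
}
```

For the configuration in the post the call would be `audit_jail /opt/psoft/users /etc/passwd /usr/local/libexec/sftp-server /usr/local/bin/scp`, run as root so that `find` can descend into the users' directories.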