Comments for Justin Samuel

Comment on scponly rpms with chroot enabled added for rhel4 by justin

justin — Mon, 11 Feb 2008 23:24:22 +0000

There could be conflicts using the el5 rpms on el4, but I have el4 rpms available, also (I should have linked to both before).

Here are the el4 rpms, with scponly in there:

http://downloads.justinsamuel.com/rpms/redhat/el4/en/i386/RPMS.js/

Comment on scponly rpms with chroot enabled added for rhel4 by Tom McManus

Tom McManus — Mon, 11 Feb 2008 21:26:33 +0000

Any chance the el5 repo rpms will conflict with el4?

Comment on scponly rpms with chroot enabled added for rhel4 by justin

justin — Tue, 15 Jan 2008 20:06:36 +0000

Tom, sorry for the slow reply. The rpms and srpms are at:

http://downloads.justinsamuel.com/rpms/redhat/el5/en/i386/

Comment on scponly rpms with chroot enabled added for rhel4 by Tom McManus

Tom McManus — Fri, 21 Dec 2007 16:08:54 +0000

Hi, thanks for the great work on this, could you post the rpms? I would like to look at it and may need to make some modifications for our system. Thanks.

Comment on HOWTO: Setup SSL certificates for mail services (pop3s, imaps, smtps) on Plesk / Courier-Imap / Qmail by joshua

joshua — Sat, 01 Dec 2007 22:20:41 +0000

Hallo Justin

Thank you for your work and this site.
regards,
joshua

Comment on HOWTO: Setup SSL certificates for mail services (pop3s, imaps, smtps) on Plesk / Courier-Imap / Qmail by noman

noman — Thu, 29 Nov 2007 18:27:22 +0000

I did not get the pop3s and imaps part to work i get the following error, any suggestions:

CONNECTED(00000003)
write:errno=54

Comment on HOWTO: Setup SSL certificates for mail services (pop3s, imaps, smtps) on Plesk / Courier-Imap / Qmail by David

David — Mon, 20 Aug 2007 22:06:49 +0000

Thanks for the walk through that is a great help.

Comment on scponly rpms with chroot enabled added for rhel4 by justin

justin — Tue, 05 Sep 2006 04:31:07 +0000

Hi,

Try setting the debug level of scponly, such as:

echo 2 > /etc/scponly/debuglevel

and then check /var/log/secure or possibly other logs after an attempt to to connect.

Likely things that can go wrong include:

a) not having a minimally-working chroot for the user you are trying to scp with.

b) having the user’s chroot directory writable by the user and/or not owned by root (security issue, scponlyc will intentionally fail in order to protect you when it detects an insecure chroot setup for using it).

c) not having scp located at /usr/bin/scp inside the user’s chroot — you’d need to rebuild the rpm on a differently-configured system to change this. By default I believe it’s looking in the same location in the user’s chroot for scp as the binary resides on the system it was compiled on. For Red Hat, which is what the rpm was compiled on, this will be /usr/bin/scp.

Comment on scponly rpms with chroot enabled added for rhel4 by Christopher

Christopher — Tue, 05 Sep 2006 03:07:42 +0000

Hello,

we have tested your SCPOnly RPM on our RHE4 box but it does not seem to work. Using WSFTP, connecting to our SSH port, 2222 we get the following error from WSFTP:

Error 842c0000 receiving sftp packet
error 842c0000 initializing sftp protocol
Sending channel close message for channel 0760a2ce
SSH Transport closed.

And our server logs show:

Sep 5 10:04:35 s1 sshd[9771]: subsystem request for sftp
Sep 5 03:04:35 s1 scponly[9772]: running: /usr/libexec/openssh/sftp-server (username: s1(10001), IP/port: 6939 2222)
Sep 5 03:04:35 s1 scponly[9772]: failed: /usr/libexec/openssh/sftp-server with error No such file or directory(2) (username: s1(10001), IP/port: 6939 2222)

Any ideas?

Comment on HOWTO: Setup SSL certificates for mail services (pop3s, imaps, smtps) on Plesk / Courier-Imap / Qmail by neo

neo — Mon, 12 Jun 2006 02:09:51 +0000

Hi :

About the pop3s for plesk, i was still not run ok!
do you have detail step can offer?

Thanks!
Neo