ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1) - openssh

This is a discussion on ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1) - openssh ; Hi guys, I have a server setup with openssh-5.0p1 and use some users as sftp-only chroot accounts. The following configuration yields exactly the result I want: user is chrooted, logs to syslog, all is good. #================================================# Subsystem sftp internal-sftp -f ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1)

  1. ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1)

    Hi guys,
    I have a server setup with openssh-5.0p1 and use some users as
    sftp-only chroot accounts.

    The following configuration yields exactly the result I want:
    user is chrooted, logs to syslog, all is good.

    #================================================#
    Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE

    Match User fredwww
    ChrootDirectory %h
    #ForceCommand internal-sftp
    #================================================#

    If I un-comment ForceCommand internal-sftp, syslog no longer
    logs activity from internal-sftp.

    I have the /dev/log setup with my syslog, and as I
    said, without ForceCommand it works fine.

    I looked through the source, but am not super c savvy so I could
    not see why this would cause a problem, but I think it has to do with
    the -f -l arguments not getting through properly to sftp-server.

    I would be happy to provide more information to get this sorted,
    let me know what you need or if I am missing something blatant please.

    Thank you,

    Fred Kilbourn
    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@mindrot.org
    https://lists.mindrot.org/mailman/li...enssh-unix-dev


  2. Re: ForceCommand internal-sftp causes sftp logging to fail(openssh-5.0p1)

    "Fred Kilbourn" wrote:
    > Hi guys,
    > I have a server setup with openssh-5.0p1 and use some users as
    > sftp-only chroot accounts.
    >
    > If I un-comment ForceCommand internal-sftp, syslog no longer
    > logs activity from internal-sftp.


    I'm experiencing the same thing, any solutions? I think I have done
    everything right:

    Subsystem sftp internal-sftp -l VERBOSE

    Match User user
    ChrootDirectory /home/user
    ForceCommand internal-sftp
    AllowTcpForwarding no


    Syslog runs as: /sbin/syslogd -r -a /home/user/dev/log

    and directory /home/user/dev exists.

+ Reply to Thread