From owner-freebsd-questions@FreeBSD.ORG Tue Mar 11 22:26:53 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3B1AF106566C for ; Tue, 11 Mar 2008 22:26:53 +0000 (UTC) (envelope-from philip@ridecharge.com) Received: from exhub015-1.exch015.msoutlookonline.net (exhub015-1.exch015.msoutlookonline.net [207.5.72.93]) by mx1.freebsd.org (Postfix) with ESMTP id 26E568FC16 for ; Tue, 11 Mar 2008 22:26:53 +0000 (UTC) (envelope-from philip@ridecharge.com) Received: from philip.hq.rws (74.93.213.161) by smtpx15.msoutlookonline.net (207.5.72.103) with Microsoft SMTP Server (TLS) id 8.1.240.5; Tue, 11 Mar 2008 15:26:52 -0700 Message-ID: <47D7072B.6090501@riderway.com> Date: Tue, 11 Mar 2008 18:26:51 -0400 From: "Philip M. Gollucci" Organization: Ridecharge User-Agent: Thunderbird 2.0.0.6 (X11/20070919) MIME-Version: 1.0 To: Jerry McAllister References: <47D702EC.2090908@riderway.com> <20080311221610.GB2418@gizmo.acns.msu.edu> In-Reply-To: <20080311221610.GB2418@gizmo.acns.msu.edu> Content-Type: text/plain; charset="ISO-8859-1"; format=flowed Content-Transfer-Encoding: 7bit Cc: "Philip M. Gollucci" , FreeBSD Questions Subject: Re: security/openssh-portable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Mar 2008 22:26:53 -0000 >> user:*:3000:3000::0:0:F L:/foo/./user:/bin/sh > The usual thing is make the shell /bin/nologin Hi Jerry, Thanks -- but Changed to /usr/sbin/nologin So thats not in the 'chroot' aka /foo/user/usr/sbin/nologin $ sftp -v -v -v user@devX.domain.tld OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.8e 23 Feb 2007 debug1: Remote protocol version 1.99, remote software version OpenSSH_4.7p1-hpn12v20 FreeBSD-openssh-portable-overwrite-base-4.7.p1_1,1 debug1: match: OpenSSH_4.7p1-hpn12v20 FreeBSD-openssh-portable-overwrite-base-4.7.p1_1,1 pat OpenSSH* debug2: channel 0: open confirm rwindow 0 rmax 32768 Request for subsystem 'sftp' failed on channel 0 -- ------------------------------------------------------------------------ Philip M. Gollucci (philip@ridecharge.com) o:703.549.2050x206 Senior System Admin - Riderway, Inc. http://riderway.com / http://ridecharge.com 1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching.