• sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Topic: Can't change directory

Hello,

I have little problem with  MySecureShell on my Debian 4.0 box. I installed MySecureShell via "apt-get install mysecureshell".
Afer changing the loginshell of a user - say "sidi" to /bin/mysecureshell.sh and adding the "sftp" line in /etc/ssh/sshd_config I can
log in with sftp. But as soon as I try a "dir", "ls" or "cd" I got:

sftp> dir
Couldn't stat remote file: Permission denied
Can't ls: "/var/www/web87" not found
sftp> cd web
Couldn't stat remote file: Permission denied

/var/www/web87 ist the home-dir of the user "sidi".

Wenn I set both "StayAtHome" and "VirtualChroot" to false I can use "dir" and "cd" but then the user can change above his home-directory,
which is what I doesn't want.

Users should only see their home-directorys and should only changedir inside their one home-directory.
In this case /var/www/web87 and below.

What have I done wrong?

Many thanks &  regards,
  martin

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Hi,

Can you past your config of MySecureShell ? smile


Best regards,
Team MySecureShell.

  • sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Re: Can't change directory

Hello teka,

That was an fast reply smile
Here are the lines that doesn't begin with an "#":
Hope that helps.

<Default>
    GlobalDownload        50k        #total speed download for all clients
                                         #  o -> bytes   k -> kilo bytes   m -> mega bytes
    GlobalUpload        0            #total speed download for all clients (0 for unlimited)
    Download         5k            #limit speed download for each connection
    Upload             0               #unlimit speed upload for each connection
    StayAtHome        false         #limit client to his home
    VirtualChroot        true          #fake a chroot to the home account
    LimitConnection        10        #max connection for the server sftp
    LimitConnectionByUser    1    #max connection for the account
    LimitConnectionByIP    2    #max connection by ip for the account
    Home            /home/$USER    #overrite home of the user but if you want you can use
                               #    environment variable (ie: Home /home/$USER)
    IdleTimeOut        300         #(in second) deconnect client is idle too long time
    ResolveIP        true           #resolve ip to dns
                                   #Add execution right for directory if read right is set
                               #this extented POSIX regex
    HideNoAccess        true    #Hide file/directory which user has no access
    DefaultRights        0640 0750    #Set default rights for new file and new directory
       ShowLinksAsLinks    false    #show links as their destinations
       Charset            "ISO-8859-15"    #set charset of computer
</Default>

best regards,
  sidi

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Hi,


Try to comment line "HideNoAccess" to see if it solved your problem.


Best regards,
Team MySecureShell.

  • sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Re: Can't change directory

Hello,

I have test it, but the result is the same:

sftp> dir
Couldn't stat remote file: Permission denied
Can't ls: "/var/www/web87" not found
sftp> cd web
Couldn't stat remote file: Permission denied

best regards,
  martin

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Hi,

Which version of MySecureShell is installed on your box?


Maybe with VirtualChroot at false and StayAtHome at true, it's better?

Can't ls: "/var/www/web87" not found

This directory exist ? hmm

  • sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Re: Can't change directory

Hi,

~# /bin/MySecureShell --version
MySecureShell is version 1.0 build on Dec  9 2007

Options:
  ACL support: yes
  UTF-8 support: yes

Sftp Extensions:
  Disk Usage
  File Hashing

I have tried any combination of "VirtualChroot" and "StayAtHome" set to
true or false. Only if I set both to false I can do an "cd" or "ls" but than the
user can also change above his home directory.

And yes, /var/www/web87 exist and it is owned by the user I use to log in smile

Verry strange...

Best regards,
  martin

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Hi,

Can you past your log file (by default: /var/log/sftp-server.log) ?

Thank you smile

  • sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Re: Can't change directory

Hi!

Oh shit, I'm lame wink I haven't looked at this logfile before:

Couldn't go to home '/home/sidi' : No such file or directory.

Ok, the users home is defined as "Home            /home/$USER" in
the config.

Hmm, that will be a problem in my case because the home directory for the user "sidi" is
/var/www/web87 for example.

Wouldn't it be wiser to get the home directory from the corresponding field in /etc/passwd?

Many thanks,
  martin

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Hi,

If you delete line "Home /home/$USER" then MySecureShell use default home of user (defined in /etc/passwd) wink

  • sidi
  • MSS Newbie
  • Offline
  • Registered: 2008-02-01
  • Posts: 7

Re: Can't change directory

Hi!

That was it! Now it works! Thank you very much!

MySecureshell is a verry nice tool!

Best regards,
  martin

  • teka
  • Administrator
  • Offline
  • From: France
  • Registered: 2007-11-18
  • Posts: 806

Re: Can't change directory

Thank you big_smile


Best regards,
MySecureShell Team.