Secure Shell
sftp-server logging under chroot & privilege separation Mar 08 2010 05:53PM
kjh26 chrysler com (2 replies)
Re: sftp-server logging under chroot & privilege separation Mar 08 2010 10:07PM
Robert Hajime Lanning (robert lanning gmail com)
It might be an issue with /dev/log not existing in the chrooted
environment.

If you are running syslog-ng, you could tell it to open a second
Unix domain dgram socket. ("unix-dgram(/chroot/path/dev/log);")

On Mon, Mar 8, 2010 at 9:53 AM, <kjh26 (at) chrysler (dot) com [email concealed]> wrote:
> Hello:
>
> We are using OpenSSH 5.3p1.
>
> We are using this to host an SFTP drop-box.  We have implemented chroot &
> privilege separation.
>
> For corporate security reasons, we are running sshd as an application ID
> setuid root (long story - don't want to go into it here)
>
> The issue we are noting is that we 'lose' SFTP logging of commands when
> sshd is run normally.
>
> When we run it in DEBUG, we see the SFTP commands in the log.
>
> We suspected the chrooting/priv sep had something to do with it, however,
> changing the sftp-server to be setuid root did not fix the issue.
>
> Any ideas?
>
>
> Thanks
>
>
> Kevin J. Herman
> Sr. Systems Analyst
> EBMX [Electronic Business Message eXchange]
> ITM - Procurement Systems
>
> T/L 776-6793
> O/L (248)576-6793
> FAX (248)576-2185
>
> CTC E3000-3S2E8
> CIMS 483-01-19
> LOC/DEPT: 1100-1721
>
>

--
And, did Galoka think the Ulus were too ugly to save?
-Centauri

[ reply ]
Re: sftp-server logging under chroot & privilege separation Mar 08 2010 07:24PM
Lars Nooden (lars curator gmail com) (1 replies)
Re: sftp-server logging under chroot & privilege separation Mar 08 2010 11:29PM
kjh26 chrysler com


 

Privacy Statement
Copyright 2010, SecurityFocus