Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-17 Thread Darren Tucker
On Wed, Apr 17, 2013 at 03:55:25PM +0800, f5b wrote: > BTW, > 1. UsePrivilegeSeparation default sshd_config and manual not sync in current. > 2. why ``yes''? but not 'yes' or "yes" in manual. > > # less /etc/ssh/sshd_config | grep UseP > UsePrivilegeSeparation sandbox # Default for new i

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-17 Thread Darren Tucker
On Tue, Apr 16, 2013 at 12:25:54PM +0800, f5b wrote: > the user share can not sftp to the server, > but same config in Mar 1 snapshot, sftp is ok. it's caused by this change (feed it to patch -R to revert it), and it's because the uid has already been set at this point. I haven't figured out the

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-17 Thread f5b
BTW, 1. UsePrivilegeSeparation default sshd_config and manual not sync in current. 2. why ``yes''? but not 'yes' or "yes" in manual. # less /etc/ssh/sshd_config | grep UseP UsePrivilegeSeparation sandbox # Default for new installations. # man sshd_config Says The default is ``yes'' U

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-16 Thread Damien Miller
On Wed, 17 Apr 2013, Darren Tucker wrote: > On Tue, Apr 16, 2013 at 12:25:54PM +0800, f5b wrote: > > the user share can not sftp to the server, > > but same config in Mar 1 snapshot, sftp is ok. > > it's caused by this change (feed it to patch -R to revert it), and it's > because the uid has alre

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-16 Thread Ville Valkonen
On 16 April 2013 18:24, Stefan Johnson wrote: > On Mon, Apr 15, 2013 at 11:25 PM, f5b wrote: > >> server >> kern.version=OpenBSD 5.3-current (GENERIC.MP) #71: Sat Apr 13 17:21:57 >> MDT 2013 >> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP >> >> /etc/ssh/sshd_config >>

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-16 Thread Stefan Johnson
On Mon, Apr 15, 2013 at 11:25 PM, f5b wrote: > server > kern.version=OpenBSD 5.3-current (GENERIC.MP) #71: Sat Apr 13 17:21:57 > MDT 2013 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > /etc/ssh/sshd_config > only add after last line > > Match Group share >

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-16 Thread Mike Erdely
I observed the same thing. Adding "UsePrivilegeSeparation no" to my sshd_config allowed connections. I haven't been able to troubleshoot this further. On Tue, Apr 16, 2013 at 6:07 AM, Ville Valkonen wrote: > On 16 April 2013 07:25, f5b wrote: >> server >> kern.version=OpenBSD 5.3-current (GENE

Re: snapshot ssh: ChrootDirectory sftp Connection closed

2013-04-16 Thread Ville Valkonen
On 16 April 2013 07:25, f5b wrote: > server > kern.version=OpenBSD 5.3-current (GENERIC.MP) #71: Sat Apr 13 17:21:57 MDT > 2013 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > /etc/ssh/sshd_config > only add after last line > > Match Group share > ForceComma