I installed SSH-keygen dependancies for a /chroot user.
I can now execute ssh-keygen from the /chroot user BUT I receive a message PRNG is not seeded.
When I do it from any of the users that are not /chroot users, it works fine.
I am having an issue with a Chrooted SFTP User not being able to write files.
The permissions are setup correctly as if I remove the Chroot the user can write files correctly.
User has a transfer folder which they should be able to write files to and read from, this works correctly until I apply the snippet from sshd_config file below then the user can only read files. I have tried tweaking the permissions but this doesn't seem to have helped at all.code...
I've config vsftpd chroot mode follow:
Code:
Code:
I can SSH to my own box using "ssh -X arancaytar@localhost" and run graphical applications. When I try the same using "ssh -X chris@localhost", I get an error message saying
Code:
chris@enki:~$ gedit
X11 connection rejected because of wrong authentication.
[code]....
I'm attempting to give a few buddies encrypted storage space through sftp using truecrypt.I have it worked out to the point where the truecrypt volume is automatically mounted when the user logs on, and dismounted when they log off.I would like to restrict each person to their individual home folders. This way, I can control exactly how much space each user is able to use (through the size of the truecrypt volume), while maintaining security through the network due to using SFTP.
I've been looking around, and the only thing I can see is restricting a large group of users to a single directory, this won't work, I need each person to be locked down to their personal home directory.My end goal is to have these volumes "mountable" in Windows through the use of Windows network drives (on a wide network, not through samba on local), or by using expandrive or a similar program. how I can lock these users to their respective home folders?
Is there a way where i can chroot their user home directory, lets say the user login on linux box /home/user, what i wanted to do is to chroot /home/user where user won't be able to browse the filesystem which is /. Tnx
View 1 Replies View RelatedIts been two days over, after my search started . But I didn't find answer any where ?. I need to call chroot as part of normal user, but to my surprise it can only be called by SUper user with CAP_SYS_CHROOT capabilities. I am not sure how to add this capability to my user .
View 10 Replies View RelatedI have a question that i want to make a normal user to execute the commands which the root user is able to execute, say if i have a user named siru and when i logged in using siru i cannot run commands like tracert,nmap@loccalhost and all but i can run when i have logged into root account so my question is how to make siru to run the command tracert,nmap@localhost.I have even edited the .bash_profile of siru's home directory from
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
[code]...
Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ; if rsync fails with a permission denied. Now I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked
sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
I'm looking for a way to limit:
-memory usage (mb/user)
-cpu usage
-processes (amount and no same process multiply)
-connections (amount of connections (to specific host))
-bandwidth (kbps/user and even owerall for regular users)
-disk usage
-available commands
For every other users than me/root.
get the steps for LDAP user to NIS user migration?
View 1 Replies View RelatedI have set up a debian 5 server with ISPConfig and PostFix using Perfect Server toturial [url].
Now i have huge problem i'm getting eather "No such user here" message from SMTP server hosted at hosting provider or Unknow User: name from my ISP's SMTP server (free mails they provide)...
Mail LOG:
Code:
I have key-based authentication working for one user on a cluster--
Code:
user@thisnode > ssh user@othernode
last login blah blah blah..
user@othernode >
but if I switch to that user and try it, I get an error--
[Code]...
I just setup a debian OS(in emulator) and trying to use apt-get update. When I log in as root and do:
export http_proxy=http://proxy.com:9090
apt-get update works
If I use another user and ssh to this debian, sudo apt-get update will fail to work because it don't use the proxy. I try to do the export http_proxy stuff again but still not working. echo $http_proxy showing it already set correctly...
p/s:
I have a workaround by adding this lines in the apt.conf
ACQUIRE {
http::proxy "http://proxy.com:9090"
}
but I really don't want this solutions because I want to easily disable the http_proxy in command prompt (by unset it).
After update dbus-glib-0.86-4.fc13 [URL] the touchpad stopped working for the my session(user) I created another user to test and it is working ...
fedora 13 gnome
If I log in as root I can vi/vim a file with no problems. When I log in as a regular user I get the following error when I try to vi/vim.
[Code]...
Why does vi/vim work as root and not a regular user? Also what rpm's can I install to get it working?
On a PC with 4 users (Karmic), I have installed a webcam. Everything (cam and mic) works for the default user. Cam works in cheese. For the 3 other users, there only are a "testpicture" in cheese and no mic . ???
View 4 Replies View RelatedI'm new to Ubuntu and I'm pretty sure I'm just missing something simple. I want to use Samba to share my raid array to all of my machines, so I have...Installed Ubuntu and created a single user: mattMounted my ext4 raid set with fstab:
Code:
UUID=78d85398-d179-4640-bb1b-f770ba90abb1 /media/Data ext4 defaults 0 0
Installed Samba (real Samba, I haven't touched the Nautilus-Share right-click thing):
[code]...
I can't get a program (wbar) to run directly from my user account, it fails saying "Image not found -> maybe using a relative path?". But if I run su -c "wbar", it shows up and manages to load the image. I think it has something to do with ImLib2 or whatever loads the image. I checked permissions on libImlib2.so.1 and it's world-readable and executable. Can libImlib2.a be causing this problem, set to 644? What else should I be checking?
View 2 Replies View RelatedA regular (non admin) user can create a Truecrypt 7.0a file, but it can't be mounted. The admin password is refused. If you try the regular user password, the error is that you are not on the sudo list.
View 1 Replies View RelatedI have a very strange problem.ometimes, yes sometimes not all the time, I get a Destination Host Unreachable when I ping a computer on my network. If I switch to root using su I can ping that same computer. Here is a screen shot:
joseph@laptop:~$ ping 192.168.1.14
PING 192.168.1.14 (192.168.1.14) 56(84) bytes of data.
From 192.168.1.9 icmp_seq=2 Destination Host Unreachable
[code]...
I cannot find a post that matches this scenario...the id created during the install (from CD) of Karmic has fully usable sound. However, users created from the Users and Groups app do not.
I have made sure that all users are defined to the audio, pulse, pulse-audio, and pulse-rt groups. No luck.
I have followed every step I have read having to do with the alsamixer. No luck.
I have verified that alsa and linux itself are at the latest versions.
For some reason I can't connect my JVC MiniDv camera in kdenlive (or kino) until I run this script in terminal
Code:
sudo chmod 666 /dev/raw1394
but it needs re-entering each time I reboot my PC.
How can I make this access permanent?
I have keys set up on ubuntu server 10.10 When I issue "It failes for publickey"
Code:
ssh -i ~/.ssh/id_rsa USERNAME@MYSITE -v
Code:
skip...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
[Code]....
I'm using fedora 12 and modified the user login options(normal and super user login). I've been using the accounts for a while but i've bumped into a problem - audio not working as a normal user but works when logged in as root. Also, i'm not able to use VLC as a root user.
View 1 Replies View RelatedKuser no longer works for 'rob' but still works for 'robert' & 'root'. It launches (i.e. the cursor bounces up & down and a Kuser box appears in the task bar) but the Kuser screen never opens. Finally, the bouncing cursor disappears as well as the Kuser box in the task bar.
View 1 Replies View RelatedI've run into a strange problem with GDM that I haven't managed to find a solution for yet, either by trying myself or googling, and I have run out of good ideas. I'll just infodump here about the problem and what I've tried etc;
I installed Ubuntu on a new PC a few weeks ago, setting it up with autologin for my mom and a separate user for myself, using the on/off-icon menu in the top-right corner to switch to my own user and back as needed, and logging the user out when done. This worked quite well.
However, a few days ago, this stopped working; logging out or trying to switch now leaves me with a blank black screen, without even a mouse pointer (but not off, the backlight is on).
EDIT: To clarify, this is an issue that only affects the GDM login screen, but that affects it whenever it is used, wether it is on boot (when not set to autologin), after logging out, or when trying to switch user.
At this point, I can usually use Ctrl-Alt-F1 to get a textmode login, and Ctrl-Alt-F7 to get back to the auto-logged in session (assuming I tried to switch, not logout).
I can't think of anything specific I did or installed around then that should be related in any way...
I tried disabling autologin and restarting gdm, which left me with the same black screen (which is still there after rebooting), instead of the expected login window. I managed to re-enable autologin by manually editing the /etc/gdm/custom.conf file, so that it would at least work for mom.
I've also tried to change which user is auto-logged in, thinking it might be a problem with my user account, but both users get an automatic session just fine when I restart gdm.
I thought it might be a problem with the video driver, but that's not the case - if I run zenity --info as root with DISPLAY set correctly, the dialog box appears on the screen just fine. It has no borders or titlebar (there's no windowmanager), and is apparently without keyboard focus, so since there's no visible mouse pointer I can't click the OK button... But since it appears, X is apparently up and running just fine, just has nothing to display other than a black background.
I tried purging and reinstalling gdm and gnome-session(-bin|-common), but that didn't help any.
Running ck-list-sessions after trying to switch indicates that there's a new session there, with session-type = 'LoginWindow', so it appears to think everything's fine.
Enabling debug output in the /etc/gdm/custom.conf file did get me some more debug output in the gdm logs, but it didn't really tell me anything, there weren't any obvious problems that I could see.
After some looking around, I've guessed that it's supposed to be running gdm-simple-greeter, which I assume would display a login box; trying to run it manually doesn't work though (it's missing some environment variables, and trying to add them based on the abovementioned debug output doesn't really help).
i am relatively new to ubuntu. Just recenty i have not been able to access certain files(for example the history and bookmarks in the firefox folder), download files individually from the internet(music,fonts,etc), recieving an error message
Quote: Originally Posted by firefox error console
Error: [Exception... "Component returned failure code: 0x80520015 (NS_ERROR_FILE_ACCESS_DENIED) [nsIFileOutputStream.init]" nsresult: "0x80520015 (NS_ERROR_FILE_ACCESS_DENIED)" location: "JS frame :: file:///usr/lib/firefox-3.6.13/components/nsSessionStore.js :: sss_writeFile :: line 2944" data: no][code]...
i have sudo priveleges and can install via update manager. i read somewhere that compizfusion might affect access permissions and i do use compiz and emerald at the same time.
I have a few multi-user servers in an academic laboratory. I am having a problem with some users maxing out the available RAM, causing such sever slowdowns the machine essentially crashes. My servers are Dell Power Edge's running Ubuntu 8.10 Server Edition (Not my choice). I would like to set a maximum limit on the amount of ram a user can utilize. This morning I experimented with setting limits via /etc/security/limits.conf and using ulimit. Neither of them prevented my test program, a simple infinite loop of mallocs, from crashing the server.
View 7 Replies View RelatedPrelude: OpenSUSE 11.2 (2.6.31.8-0.1-desktop), installed Novell client 2.0 SP2 (novell-client-2.0-sp2-sle11-i586.iso).
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or
have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.
