P.S. - RE: [redhat-list] updates pending question

Constance Morris cmorris at daltonstate.edu
Fri May 10 20:10:50 UTC 2013 

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of Alfred Hovdestad
Sent: Friday, May 10, 2013 3:53 PM
To: General Red Hat Linux discussion list
Subject: Re: P.S. - RE: [redhat-list] updates pending question



On 10/05/13 12:06 PM, Constance Morris wrote:

>> Hi Mr. Hovdestad,
>>
>> Yum update shows me there are no packages marked for update.
>> Yes, the locations are the same for sftp and ssh, but not sshd.
>> Not sure if that makes a difference with the sshd not being in a similar path location as the other two.
>> But they all 3 are showing to belong to the same package.
>>
>> Constance
>>
>
> Hi Constance.
>
> The ssh and sftp commands should belong to the same package, openssh-clients.  The sshd daemon belongs to the openssh-server package.
>    The versions should match (or at least be very close).
>
>   From your other posts I think that your faculty accounts might be in a chroot environment.  There is an article in the Red Hat Knowledge Base that describes setting up an sftp-only environment for your faculty.
> You can check this by looking for
>
> Match Group sftp
>
> in /etc/ssh/sshd_config.  This would indicate that any account created with the default group sftp would be in the chroot environment.  If they are in a chroot environment that would require that their default shell and home directory be specified according to the chroot configuration (-s /bin/false, -d /username [relative to the chroot environment]).
>
> --
> Alfred
> ----------
>
> Hi Alfred,
>
> Yes, I do believe they might be supposed to be in a chroot environment.
>
> I found an article titled ' can I set up sftp to chroot only particular users in rhel' and I followed the instructions of modifying the /etc/ssh/sshd_config to have:
>
> Comment out the #Subsystem 	sftp	/usr/libexec/openssh/sftp-server
> And put this as active = subsystem	sftp	internal-sftp
>
> * Now my sshd_config was different than above. It had:
> Subsystem 	sftp	/bin/sh -c 'umas 0002; /usr/libexec/openssh/sftp-server'
>
> Exactly like that. But I tried the above by commenting it out and adding the other line and the rest of the data as follows:
>
> Match Group www
> 	ChrootDirectory /faculty-staff/%u
> 	AllowTcpForwarding no
> 	ForceCommand internal-sftp
> 	X11Forwarding no
>
> And then did as it said and created a user, made a directory folder for that user in /faculty-staff and changed ownership and permissions.
> Then it said to restart the sshd service and upon doing so I got the following error message:
>
> Starting sshd: /etc/ssh/sshd_config: line 122: Bad configuration 
> option: Match
> /etc/ssh/sshd_config: terminating, 1 bad configuration options
>                                                             [FAILED]
>
> Any thoughts? The comments on the article mentioned there being a problem with selinux.
>
> Constance
>
>


Hi Constance.

What version of Red Hat are you running?  I'm thinking that it is likely RHEL 5.  The Match keyword for openssh was introduced with openssh 5 (RHEL 6).  That might be why your predecessor had installed a newer version of openssh (outside of RHEL).

And if sshd isn't running your faculty won't be able to login.  You may have to re-install the custom version of openssh to resolve this issue.

--
Alfred
--------

Hey Alfred,
Yes, I'm running RHEL 5.9 (Tikanga)
How will I know which is the custom version of openssh to re-install? And do I have to download it from a website first and then upload it to the server, or do I type in a command?

When I enter the command:   yum install openssh      or       yum install openssh-server
I get error messages either way saying :

" Loaded plugins: rhnplugin, security
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.user_main(sys.argv[1:], exit_code=True)
  File "/usr/share/yum-cli/yummain.py", line 309, in user_main
    errcode = main(args)
  File "/usr/share/yum-cli/yummain.py", line 161, in main
    return exFatal(e)
  File "/usr/share/yum-cli/yummain.py", line 64, in exFatal
    logger.critical('\n\n%s', to_unicode(e))
  File "/usr/lib/python2.4/logging/__init__.py", line 1019, in critical
    apply(self._log, (CRITICAL, msg, args), kwargs)
  File "/usr/lib/python2.4/logging/__init__.py", line 1078, in _log
    record = self.makeRecord(self.name, level, fn, lno, msg, args, exc_info)
  File "/usr/lib/python2.4/logging/__init__.py", line 1064, in makeRecord
    return LogRecord(name, level, fn, lno, msg, args, exc_info)
  File "/usr/lib/python2.4/logging/__init__.py", line 226, in __init__
    if args and (len(args) == 1) and args[0] and (type(args[0]) == types.DictType):
 TypeError: 'NoneType' object is not callable"

Thanks,
Constance

More information about the redhat-list mailing list