I encountered an issue with the way the sshd daemon is configured. Here we have a couple of paths exposed in RO by a server; the end users, who have to use the service in RO on their machines, use sshfs to mount it.

The configuration is:

```
Match Group ADGroup1
  # Force the connection to use SFTP and chroot to the required directory.
  ForceCommand internal-sftp
  ChrootDirectory /ADGroup1Dir
  # Disable tunneling, authentication agent, TCP and X11 forwarding.
  PermitTunnel no
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

Match Group ADGroup2
  # Force the connection to use SFTP and chroot to the required directory.
  ForceCommand internal-sftp
  ChrootDirectory /ADGroup2Dir
  # Disable tunneling, authentication agent, TCP and X11 forwarding.
  PermitTunnel no
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no
```

Usually everything works, except when some users are present in both groups. SSH chroots the user to the ChrootDirectory of the first match, and the mount works only with the following command:

```
sshfs aduser@server:/ /localpath
```

With the following command we receive a "no such file or directory" error:

```
sshfs aduser@server:/ADGroup2Dir
```

But watching the debug log of the SSH server, the only "No such file or directory" errors say that /usr/libexec/openssh/sftp-server is not found.

Can somebody help to figure out this issue?

AtomiX84
  • Do you have a line in the `sshd` config like: `Subsystem sftp /usr/libexec/openssh/sftp-server`? Did you check if the file exists? And do you have `selinux` activated? – Romeo Ninov Jun 21 '19 at 07:47
  • Yes, the Subsystem is declared in the configuration files and selinux is disabled – AtomiX84 Jun 21 '19 at 07:51

0 Answers
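The behaviour described in the question, as an added example that is not part of the original post and not OpenSSH code: a simplified Python model of how sshd picks the first matching `Match Group` value for a user in both groups, and how a requested SFTP path is then resolved inside that chroot. The directory layout and the helper names `effective_settings` and `resolve_sftp_path` are assumptions made for the demonstration.

```python
import posixpath

# Constructed sshd_config fragment mirroring the two Match blocks in the question.
SSHD_CONFIG = """\
Match Group ADGroup1
  ForceCommand internal-sftp
  ChrootDirectory /ADGroup1Dir
Match Group ADGroup2
  ForceCommand internal-sftp
  ChrootDirectory /ADGroup2Dir
"""

# Constructed server-side directory layout (assumption for the demo).
SERVER_DIRS = {"/", "/ADGroup1Dir", "/ADGroup1Dir/data",
               "/ADGroup2Dir", "/ADGroup2Dir/data"}


def effective_settings(config, user_groups):
    """Simplified model: for each keyword, the first value from a matching block wins."""
    settings, active = {}, False
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        keyword, _, value = line.partition(" ")
        if keyword.lower() == "match":
            crit, _, pattern = value.strip().partition(" ")
            # Only "Match Group <comma-separated names>" is modelled (no wildcards).
            active = crit.lower() == "group" and any(
                g in user_groups for g in pattern.strip().split(","))
        elif active:
            settings.setdefault(keyword, value.strip())  # later matches do not override
    return settings


def resolve_sftp_path(chroot, requested):
    """Map a client-requested path to the real server path inside the chroot."""
    inside = posixpath.normpath("/" + requested.lstrip("/"))  # ".." stops at "/"
    real = posixpath.normpath(chroot + inside)
    return real if real in SERVER_DIRS else None  # None models "No such file or directory"


if __name__ == "__main__":
    both = effective_settings(SSHD_CONFIG, {"ADGroup1", "ADGroup2"})
    print("effective ChrootDirectory:", both["ChrootDirectory"])
    for path in ("/", "/ADGroup2Dir"):
        print(path, "->", resolve_sftp_path(both["ChrootDirectory"], path))
```

On a real server, `sshd -T -C user=aduser,host=client.example,addr=192.0.2.10` (host and address are placeholders) prints the effective settings sshd would apply to that user.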