Hello,

Kommt mir langsam vor, wie ein Puzzlespiel.

Das gibt es im Serverbereicht, vorallem, wenn es um Sicherheit geht, sehr oft.

Deinen Tipp mit dem Debug habe ich nun befolgt. Das sah auf den ersten Blick ganz klasse aus. Ich dachte, *hups* da habe ich doch galtt wieder mal vergessen, den sftp-server in die chroot-Umgebung zu kopieren. Nachgeholt, nochmal probiert, aber es läuft immer noch nicht...

Ich stelle nun doch mal das Debug-Log hier herein, weil ich einfach nicht weiß, wo ich noch suchen soll.

debian4:~# nl ssh_debug
     1  debian4:/# /etc/init.d/ssh stop
     2  Stopping OpenBSD Secure Shell server: sshd.
     3  debian4:/# /usr/sbin/sshd -d
     4  debug1: sshd version OpenSSH_4.3p2 Debian-9etch3
     5  debug1: read PEM private key done: type RSA
     6  debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
     7  debug1: private host key: #0 type 1 RSA
     8  debug1: read PEM private key done: type DSA
     9  debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
    10  debug1: private host key: #1 type 2 DSA
    11  debug1: rexec_argv[0]='/usr/sbin/sshd'
    12  debug1: rexec_argv[1]='-d'
    13  debug1: Bind to port 22 on ::.
    14  Server listening on :: port 22.
    15  debug1: Bind to port 22 on 0.0.0.0.
    16  debug1: Server will not fork when running in debugging mode.
    17  debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
    18  debug1: inetd sockets after dupping: 3, 3
    19  Connection from 192.168.178.48 port 1477
    20  debug1: Client protocol version 2.0; client software version WinSCP_release_4.1.8
    21  debug1: no match: WinSCP_release_4.1.8
    22  debug1: Enabling compatibility mode for protocol 2.0
    23  debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
    24  debug1: permanently_set_uid: 106/65534
    25  debug1: list_hostkey_types: ssh-rsa,ssh-dss
    26  debug1: SSH2_MSG_KEXINIT sent
    27  debug1: SSH2_MSG_KEXINIT received
    28  debug1: kex: client->server aes256-ctr hmac-sha1 none
    29  debug1: kex: server->client aes256-ctr hmac-sha1 none
    30  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
    31  debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    32  debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    33  debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    34  debug1: SSH2_MSG_NEWKEYS sent
    35  debug1: expecting SSH2_MSG_NEWKEYS
    36  debug1: SSH2_MSG_NEWKEYS received
    37  debug1: KEX done
    38  debug1: userauth-request for user jsteffen service ssh-connection method none
    39  debug1: attempt 0 failures 0
    40  debug1: PAM: initializing for "jsteffen"
    41  Address 192.168.178.48 maps to pc48.local, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
    42  debug1: PAM: setting PAM_RHOST to "192.168.178.48"
    43  debug1: PAM: setting PAM_TTY to "ssh"
    44  Failed none for jsteffen from 192.168.178.48 port 1477 ssh2
    45  Failed none for jsteffen from 192.168.178.48 port 1477 ssh2
    46  debug1: userauth-request for user jsteffen service ssh-connection method password
    47  debug1: attempt 1 failures 1
    48  debug1: PAM: password authentication accepted for jsteffen
    49  debug1: do_pam_account: called
    50  Accepted password for jsteffen from 192.168.178.48 port 1477 ssh2
    51  Accepted password for jsteffen from 192.168.178.48 port 1477 ssh2
    52  debug1: monitor_child_preauth: jsteffen has been authenticated by privileged process
    53  debug1: PAM: reinitializing credentials
    54  debug1: permanently_set_uid: 1004/1004
    55  debug1: Entering interactive session for SSH2.
    56  debug1: server_init_dispatch_20
    57  debug1: server_input_channel_open: ctype session rchan 256 win 65536 max 16384
    58  debug1: input_session_request
    59  debug1: channel 0: new [server-session]
    60  debug1: session_new: init
    61  debug1: session_new: session 0
    62  debug1: session_open: channel 0
    63  debug1: session_open: session 0: link with channel 0
    64  debug1: server_input_channel_open: confirm session
    65  debug1: server_input_channel_req: channel 0 request subsystem reply 1
    66  debug1: session_by_channel: session 0 channel 0
    67  debug1: session_input_channel_req: session 0 req subsystem
    68  subsystem request for sftp
    69  debug1: subsystem: exec() /usr/lib/openssh/sftp-server
    70  debug1: Received SIGCHLD.
    71  debug1: session_by_pid: pid 3600
    72  debug1: session_exit_message: session 0 channel 0 pid 3600
    73  debug1: session_exit_message: release channel 0
    74  debug1: session_by_channel: session 0 channel 0
    75  debug1: session_close_by_channel: channel 0 child 0
    76  debug1: session_close: session 0 pid 0
    77  debug1: channel 0: free: server-session, nchannels 1
    78  Connection closed by 192.168.178.48
    79  debug1: do_cleanup
    80  debug1: PAM: cleanup
    81  Closing connection to 192.168.178.48
    82  debug1: PAM: cleanup
    83  debian4:/#

Spannend sind mMn erst die Zeilen ab Zeile 67.
Was soll ich von einem SIGCHLD halten?

Liebe Grüße aus Syburg bei Dortmund

Tom vom Berg