SSH ForceCommand

I am in the process of migrating from a CentOS 5 to a CentOS 6 server. I have Duo two-factor authentication working on my original server via the ForceCommand parameter in my sshd_config file. SSH login prompts for password and immediately pushes Duo authentication to phone.

On my new server, it appears the .bashrc file is executed before ForceCommand, as I migrated my .bashrc from original server to new server. This was not the case previously.

How do I force the ForceCommand to run before any profile dependent .bashrc's?

Thank you.


Similar Content



Added 'exit 0' To The Bottom Of .bashrc, Now What?

Centos 6.5

I ran into an interesting problem (on reddit) that I figured I could solve, but I have not been able to. It's simple: I added 'exit 0' to /root/.bashrc, and now I am trying to log in via ssh.

Every time I do, it immediately exits when it runs the .bash_profile, which sources .bashrc (which is immediate upon 'logging in').

I've tried:

Code:
ssh root@192.168.1.50 -t vim
vim scp://192.168.1.50/.bashrc
vim scp://192.168.1.50/root/.bashrc
ssh root@192.168.1.50 bash --norc
ssh root@192.168.1.50 /bin/bash --norc --noprofile
ssh -T root@192.168.1.50 "mv /root/.bashrc /root/.bashRC"
scp .bashrc root@192.168.1.50:/root/
ssh root@192.168.1.50 /bin/bash --norc --noprofile -vvvvvvvvvv
ssh -vvvvvv root@192.168.1.50 /bin/bash --norc --noprofile
ssh -vvvvvv root@192.168.1.50 /bin/mv /root/.bashrc /root/.bashRC
ssh -t -t root@192.168.1.50 << EOF
mv /root/.bashrc /root/.bashRC
EOF
ssh -t -t root@192.168.1.50 --norc << EOF
echo HELLO > /root/.bashrc
EOF
ssh -tv root@192.168.1.50 rm .bashrc

So, I am unable to get back into the system (as root, no other users exist) after adding 'exit 0' to .bashrc.

Anyone feel like explaining why all of these failed (aside from saying SSH interactive logins run the .bash_profile/.bashrc files) or offering a suggestion that works? Seems like if you have the root password, you should be allowed to modify the login process... since... you know... you are root.

VNC - CentOS 7 Server Login Screen Refresh Preventing Authentication

TigerVNC 1.4.1
CentOS 7 Server on Intel 64 bit
vncViewer is running on Windows 7 & 8.1
Using both TigerVNC and Tight VNC viewers

The CentOS GUI login screen appears with the correct (su) user name. The screen refreshes ~ twice per second, allowing only one character to be entered in the Authentication box before refreshing. I am unable to login remotely via VNC. PuTTY access, etc., works fine.

Securing /etc/profile And /etc/bashrc

Changing the umask value for files and directories takes effect after reload:
/etc/profile
/etc/bashrc
Default permission for all users:
-rw-r--r--
The above permission is edited to:
-rw-rw-r--
If a specific user in a group having only read permission to a file/directory is created before reload, and the Linux server reloads, that user gets rw permission to that file/directory. What is the alternative for securing:
/etc/profile
/etc/bashrc
apart from giving the two files access to root user only, and locking out all other users?

Recursive Xterms Via .bashrc

I made the mistake of adding an xterm invocation to my ".bashrc" file. My intent was to simply execute an xterm upon initial login to the KDE environment on Debian Wheezy (though the distro probably would have made no difference). What happened is that with each invocation of "xterm", the new xterm would again invoke an "xterm" via the ".bashrc" file. Duh, infinite recursion of xterms upon login. Is there a simple way to invoke an xterm at login that doesn't itself look up the ".bashrc" file? By the time someone answers this, I will probably find an answer somewhere in the bash/xterm man pages, but thought I'd throw it out there. Really felt stupid after having realized my mistake. Had to login to recovery command line mode and replace the ".bashrc" file with "/etc/skel/.bashrc". Cheerio

Print Single Quotes Within An Echo Appending To The End Of A File.

Hello all,
I am working on setting up a script to set certain things and install them on new installs of Linux; however, I am running into an issue with appending code onto the end of my .bashrc.

I am trying to append
Code:
PS1='\033[1;32m[\A \u@\h \W]\033[0m$ '

into .bashrc and I have tried the following methods without success:
Code:
echo PS1='\[\e[1;31m\][\A \u@\h \W]\$\[\e[0m\] ' >> /root/.bashrc
echo 'PS1='\[\e[1;31m\][\A \u@\h \W]\$\[\e[0m\] '' >> /root/.bashrc
echo 'PS1=\'\[\e[1;31m\][\A \u@\h \W]\$\[\e[0m\] \'' >> /root/.bashrc
echo "PS1='\[\e[1;31m\][\A \u@\h \W]\$\[\e[0m\] '" >> /root/.bashrc

as well as several others to no avail. The issue is that echo is interpreting the single quotes that I would like printed. I have tried escaping them with no luck. Any ideas?

I Cannot Find It On CentOS 7 "Connect To Server."

I had used CentOS 6.6 (desktop) before and have now installed CentOS 7 (desktop) on my PC.
CentOS 6.6 had “Connect to Server” in the Places menu: select “Public FTP” or “FTP (with login)” as the service type, enter the server name and other parameters (you can define bookmarks in this dialog box too).

But I cannot find it on CentOS 7. I need to log in to FTP via Connect to Server.

Centos 7 Public And Private Keys...

Hi people,

I reinstalled my server with CentOS 7 to get familiar with it...

I have a laptop that I'm using Cygwin on to ssh into the CentOS 7 server.

I ran ssh-keygen -t rsa on the server and now in .ssh I have a public and private key created.

I copied the public key from the server to my C:\cygwin64\home\Administrator\.ssh\known_hosts file.

Now when I input:
ssh userontheserver@serversip

it asks for the passphrase which I created when I did the keygen on the server.

When I put the passphrase in, it says permission denied and returns me to the command line.

What am I doing wrong?

Do I have the steps correct?

Am I right in saying that you need to have the server's public key in your known_hosts file on the client computer to get communication working?

Can't Access Samba Share

I have set up a SFTP which I can connect to, go to the right directory and read/write files to.

The full path is home/sftpuser/SFTP/Customer
The user "sftpuser" I am connecting with is in the group "ftpusers" which has read/write access.

That works fine.

Here is my sshd_config:
Code:
Match Group ftpusers
  ChrootDirectory /home/%u/
  ForceCommand internal-sftp
  AllowAgentForwarding no
  AllowTcpForwarding no
  X11Forwarding no

However, I made a Samba share of the folder Customer. When I go to the IP address on a Windows machine "\\10.0.0.1\" I can see the folder Customer; when entering, it requests user/pass and afterwards gives an error: you have not the right permissions.

In Webmin:
Customer /home/sftpuser/SFTP/Customer Read/write to everyone

My smb.conf:
Code:
[global]
    syslog = 0
    log file = /var/log/samba/log.%m
    read raw = no
    write raw = no
    passdb backend = tdbsam
    workgroup = DOMAIN
    usershare allow guests = yes
    socket options = TCP_NODELAY
    pam password change = yes
    passwd program = /usr/bin/passwd %u
    unix password sync = yes
    obey pam restrictions = yes
    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    server role = standalone server
    server string = %h server (Samba, Ubuntu)
    max log size = 1000
    map to guest = bad user
    panic action = /usr/share/samba/panic-action %d
    dns proxy = no



[Customer]
    force create mode = 755
    browsable = yes
    public = yes
    path = /home/sftpuser/SFTP/Customer
    force directory mode = 755
    writeable = yes
    valid users = @ftpusers
    force group = ftpusers
    write list = @ftpusers

I have been struggling for 3 days and am totally out of ideas.

ls -l for the folder:
Code:
total 4
drwxrwx---+ 2 sftpuser ftpusers 4096 Apr  9 11:35 Customer

Integrate Active Directory With OpenLDAP

Hi,

In the first place I would like to give you a brief about my current setup and my requirement.
I have 80% of the machines with CentOS 6.5 installed, the rest 20% Windows 7. I have OpenLDAP v2.4 for user authentication.
In the Linux environment all Linux machines are configured in such a way that whenever a user logs on to a system with the help of OpenLDAP credentials he gets a default desktop, or rather, a Mandatory Profile is implemented in this setup. Now my goal is to enable OpenLDAP users to log on to Windows machines and get the same Mandatory Profile setup done there. So far SambaPDC helped me to authenticate LDAP accounts on Windows client machines, but the Mandatory Profile thing isn't working well at all due to a POSIX ACLs issue. Now I am working with a Windows Server 2012 R2 server so as to integrate with OpenLDAP for getting this Mandatory Profile thing done. Is there any way I can sync all OpenLDAP accounts to Active Directory, or rather make my Windows server a member server for the OpenLDAP domain?

Please help me on this. Thanks in advance!!

SFTP Configuration For Single Directory Per User

Dear Members,

I am trying to configure SFTP on my server (Red Hat), but I am facing the following issue.

Link used: https://www.linode.com/docs/tools-re...ian-and-ubuntu

These are the parameters added to /etc/ssh/sshd_config file :

Quote:
Match group filetransfer
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Permissions of the home directories are as follows:

Quote:
ls -ld /home/test1/
drwxr-xr-x 7 root root 4096 May 14 09:49 /home/test1/

ls -l /home/test1/
total 12
drwxr-xr-x 2 root root 4096 May 14 09:49 docs
drwxr-xr-x 2 root root 4096 May 13 11:43 nitish
drwxr-xr-x 2 root root 4096 May 14 09:49 public_html

Debug Command : sftp -vvv test1@Ipaddress

Code:
debug1: Next authentication method: password
test1@IP-address's password:
debug3: packet_send2: adding 64 (len 53 padlen 11 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug3: Wrote 144 bytes for a total of 1421
debug1: Authentication succeeded (password).
debug2: fd 4 setting O_NONBLOCK
debug3: fd 5 is O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug3: Wrote 128 bytes for a total of 1549
debug3: Wrote -1 bytes for a total of 1549
Write failed: Broken pipe
Couldn't read packet: Connection reset by peer

I need that the user can't access/see directories other than its own directory.

Waiting for your response.

Thank you

Redhat-Keeda