Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS
Hildegard Meier
daku8938 at gmx.de
Thu Sep 30 15:43:19 AEST 2021
> 4192 /usr/sbin/sftpd is likely unrelated to OpenSSH.
> I guess that this is a TLS FTP server.
> Try ps fax to see process relationships.
>
> The "sftpd:" prefix for the sshd processes may be related to SELinux;
> nothing in OpenSSH is called sftpd, except the "sftpd_t" SELinux context.
Sorry Peter I should have explained this at once.
To have a clean separation of the standard sshd service on port 22 and our sftp server that listens on another port,
and both have and shall have really nothing to do with each other,
I created a new sshd instance named "sftpd":
/usr/sbin/sftpd is a symlink to /usr/sbin/sshd
Copied /etc/ssh/ and /etc/default/ssh to /etc/sftpd/ and /etc/default/sftpd
Copied /lib/systemd/system/ssh.service to /etc/systemd/system/sftpd.service
and replaced in the copy all occurrences of regex "sshd?" with sftpd
E.g.
[Service]
EnvironmentFile=-/etc/default/sftpd
ExecStartPre=/usr/sbin/sftpd -t
ExecStart=/usr/sbin/sftpd -D $SFTPD_OPTS -f /etc/sftpd/sftpd_config
Important for correct autostart of sftpd on boot is:
[Unit]
After=network.target auditd.service sshd.service
Because sftpd needs to be started after sshd because only sshd creates /run/sshd/
and that is needed by sftpd (hard compiled in sshd).
Pitfall:
When stopping sshd /run/sshd/ gets deleted and you get the following sftpd error:
fatal: Missing privilege separation directory: /run/sshd
and sftpd does not accept new connections anymore etc.
Here is the ps fax output :)
12981 ? Ss 0:02 /usr/sbin/sftpd -D -f /etc/sftpd/sftpd_config
18846 ? Ss 0:00 \_ sftpd: sftp_nagios [priv]
18848 ? S 0:00 \_ sftpd: sftp_nagios at notty
18849 ? Ss 0:00 \_ sftpd: sftp_nagios at internal-sftp