Uninstall rssh

[nivaplei]

Hi,
I am trying to set rssh for my server, but I think I mess up somewhere. I would like to start fresh and try again.
Can someone show me how to uninstall rssh ?

Thank you so much for your help.
Niva

[Segfault]

How did you install it. Generally, all you can mess up is rssh.conf.

[nivaplei]

I followed the steps from this guide: cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html
so here:
cd /tmp
wget dag.wieers.com/rpm/packages/rssh/rssh-2.3.3-1.el3.rf.i386.rpm (this is for redhat 3, 32 bits)
rpm -ivh rssh-2.3.3-1.el3.rf.i386.rpm
After install it, I change one of my existing user to use shell /usr/bin/rssh
usermod -s /usr/bin/rssh myuser


then I change the rssh.conf file to allow scp and allowsftp

I also change the home folder of my user, so instead of going to home/myuser, the folder go to my/path/ by vi the passwd file. AFter that, for some reasons, it still block myuser from using winscp to connect to the server. Did I mess up right here?How do I fix it?

My main purpose of this is to jail the user to its own folder. but restrict the users to just using sftp would be fine too.

Please help!

[nivaplei]

Now even I create a new user using bin/bash shell only, it still block the new users from sftp or ssh, It doesnt block the existing users that wasnt been changed to usr/bin/rssh shell. It block the existing users that was changed to usr/bin/rssh and then was changed back to use bin/bash

[Segfault]

Look at the log for errors. Can you log in from some *nix box?

[nivaplei]

what is *nix box? I am sorry am new.
When I try to use winscp, it said access denied

[nivaplei]

This is the error log from messages log:
Oct 4 15:07:01 online sshd[20007]: User hiveusr not allowed because not listed in AllowUsers
Oct 4 15:07:01 online sshd[20007]: Failed none for illegal user hiveusr from 60.195.250.54 port 16873 ssh2
Oct 4 15:07:01 online sshd[20007]: error: Could not get shadow information for NOUSER
Oct 4 15:07:01 online sshd[20007]: Failed password for illegal user hiveusr from 60.195.250.54 port 16873 ssh2
Oct 4 15:09:01 online sshd[20007]: fatal: Timeout before authentication for 60.195.250.54
Oct 4 15:31:42 online sshd[24956]: Accepted password for disted from 60.195.250.54 port 1878 ssh2
Oct 4 15:33:07 online sshd[25270]: User nivatest not allowed because not listed in AllowUsers
Oct 4 15:33:07 online sshd[25270]: Failed none for illegal user nivatest from 60.195.250.54 port 39653 ssh2
Oct 4 15:33:07 online sshd[25270]: error: Could not get shadow information for NOUSER
Oct 4 15:33:07 online sshd[25270]: Failed password for illegal user nivatest from 60.195.250.54 port 39653 ssh2
Oct 4 15:33:44 online sshd[25354]: Failed password for disted from 60.195.250.54 port 22558 ssh2
Oct 4 15:42:32 online sshd[26576]: User nivatest not allowed because not listed in AllowUsers
Oct 4 15:42:32 online sshd[26576]: Failed none for illegal user nivatest from 60.195.250.54 port 45369 ssh2
Oct 4 15:42:37 online sshd[26576]: error: Could not get shadow information for NOUSER
Oct 4 15:42:37 online sshd[26576]: Failed password for illegal user nivatest from 60.195.250.54 port 45369 ssh2

[nivaplei]

I foudn it, I got it.
The error login is a big clue, I didnt allow the new user in the sshd_config file
After create the new user, I then go into the sshd_config file to add one more line : AllowUser test
That did it.
THank you very much for your help!
Niva

[Segfault]

You are welcome!

Just a little reminder, you better remove that user test. I remember reading on some forum how somebody created user test with password test, gave it root rights and wondered why his box got hacked in no time.
May sound funny to you, wasn't funny for him ...

[nivaplei]

Thank you,
No it's not funny at all, I check my log everyday and see people try to log in my server with alot of common username. I dont use user test, just an example for the post.
Thanks