OpenSSH logging with Chroot Directory and SFTP Clients on CentOS

Posted on January 24, 2012 by Katz

The following is adapted from http://www.debian-administration.org/articles/637 for CentOS as I have tested it on a CentOS VM (Xen x86_64 CentOS release 6.2 (Final)).

Make syslog available in the chroot

Create a dev directory in each user’s chrooted directory:

# mkdir /home/username1/dev
# mkdir /home/username2/dev

Configure rsyslog to probe the new logging source

Put the following contents in /etc/rsyslog.conf :

# Create an additional socket for some of the sshd chrooted users.
$AddUnixListenSocket /home/username1/dev/log
$AddUnixListenSocket /home/username2/dev/log

Configure openssh for logging

Change /etc/ssh/sshd_config. The Subsystem sftp line will now read (ps I use INFO instead of VERBOSE as I tested both and they seem to look the same in the log file) :

Subsystem sftp internal-sftp -l INFO

Create a Match section (assuming username1/username2 are members of the sftponly group in /etc/group).

Match group sftponly
         ChrootDirectory /home/%u
         X11Forwarding no
         AllowTcpForwarding no
         ForceCommand internal-sftp -l INFO

“Because of a limitation bug in OpenSSH, the ForceCommand line cannot be used with logging parameters on versions earlier than 5.2. But omitting the ForceCommand directive implicitely provides the user shell access in the chrooted directory if he has upload privileges. Therefore, this is in my view a security risk, and that is why I would say that enabling logging in this configuration requires OpenSSH 5.2 or later.”

Note: Tried to redirect sftp logging per the above referred article but it did not seem to work in CentOS, everything is logged to /var/log/secure which, in my case, is just fine so I did not research it any further. On the Debian side one user commented that the dev/log’s were not automatically created but this is not the case in CentOS, just add the entry to the /etc/rsyslog.conf file as above and do a service rsyslog restart and it works!

Any comments are welcome.

Posted in Computer Tech | Tagged , , , , | Leave a comment

Ariix Launches New Product – BioPro Q – The first of many!

Posted on January 19, 2012 by Katz

Ariix has launched BioPro Q! The first of many new and innovative products which will stem from the Ariix Opportunity and Leaders. BioPro Q support a healthy heart, immune system, and cellular energy. It sports a proprietary (and very expensive) form of CoQ 10 in concert with other ingredients.

Please listen to the Product Announcement here:

As usual if you are interested in trying the Ariix Products or wish to join our Marketing Group follow up here:

Place your Ariix Order Now!

Place your Ariix Order Now!

Posted in Health and Nutrition, Network Marketing | Leave a comment

Ariix – What’s up after the dust has begun to settle?

Posted on December 29, 2011 by Katz

Well after the dust and commotion of major leaders leaving Usana and joining Ariix, many many seekers coming to this blog, some of them joining up and beginning to build businesses with Ariix I have decided I should post at least something though I have been uninspired to write…lately. Ariix is certainly booming with 900+% growth rate in the last few months as reported by some MLM Watchers and so forth.

Ariix, in accordance to our plan of excellence, have begun the process to introduce new products. These products, of course, will be proprietary and unique to the industry, at least as long as possible as good products and services will always be copied no matter what legal stipulations they have. So don’t rest if you have a unique product as that is no comfort zone, and in today’s world of course there are almost no real comfort zones!

Ow, I forgot to put in the new product announcement, so I will paste it in here:

Well, it’s official! On last night’s call, Dr. Fred Cooper announced that the newest member of the ARIIX family of products is bioproQ, and the call was such a big hit that Dr. Cooper conducted an encore presentation for back-to-back product launch calls. We want to thank Dr. Cooper, Deanna Latson and Dr. Ray Strand for their education and information on this fantastic new addition to the supplements line.

In case you missed the call, here are the details:
* BioproQ will be available in the U.S.A. the week of January 10th!
* Right now you can order bioproQ for the introductory pre-launch price of just $49.95!
* This promotion is good through midnight MST on Thursday, 12/22/11, so place your order now!
* Once this special is over, you can still pre-order bioproQ at the IIX Member price of just $59.95.*

Be the first to get your hands on this new quality product that has a superior ubiquinol, which has been shown to maintain or improve heart health, provide anti-aging support supply anti-oxidant protection and promote life extension.? Visit the Products page at www.ARIIX.com to learn more about bioproQ and its ingredients.”

Duke Tubtim left Usana and replaced his income with Ariix in a number of weeks and is now hitting great heights and levels of income never before experienced with any company, enough said!

The Ariix products lend themselves to stability as they are everyday use products. And, of course, as with any great MLM business opportunity, if you consume the products regularly your personal consumption runs the required monthly sales volume to remain active (receive commissions on your group volumes) in the business! That being said when new products are introduced the opportunity for expansion exists multilaterally: 1) Existing Customers and Representatives will purchase new products for consumption and 2) New Customers and Representatives will see and purchase the new products and join accordingly and further the momentum.

Ariix continues to pay commissions accurately and on time! And I imagine at this point, due to the efforts of the field and its confidence, the main challenge for Ariix Principals (company owners) is which products to introduce first and which countries to open up first and how to effectively manage the volume (supply and demand) going forward. Of course I anticipate there will be other challenges though we don’t speak of them!

My personal challenge with Ariix, at this point, is to match volume of my Power Line with my Pay Line, though it is slow coming I realize the potential of each and every new recruit to become a start leader with Ariix. And to be perfectly honest if the math of the previous months is applied forward to future months the future looks very good with Ariix and the Sabai Marketing Group.

Also, before I forget, as I know many of you reading this blog are on the fence about Ariix the promotion to join with Silver or Gold package ends this Friday (orders must be placed by 11pm CST or something like that, just make sure you get in well before that time and notify me to make sure the benefits are verified). That is, specifically, that those who join with Silver/Gold Packages get an extra Pay Line added automatically which means they can potentially earn another business worth if they choose to work it that way (over achievers love this!).

So what are we waiting for?! Certainly I am not, drop a line if you need to discuss as usual. And please have a Happy and Prosperous New Year!

JOIN ARIIX NOW!

Place your Ariix Order Now!

Place your Ariix Order Now!

Posted in Network Marketing | Leave a comment