Re: scp and Linux Restricted Shell
From: Darren Tucker (dtucker_at_zip.com.au)
Date: Tue, 02 Nov 2004 21:59:34 +1100 To: Robert Hajime Lanning <email@example.com>
Robert Hajime Lanning wrote:
> On Fri, 29 Oct 2004 15:21:48 -0700, Caprio, Don
> <firstname.lastname@example.org> wrote:
>>Anybody have a clue why scp will not work with F-Secure when the OpenSSH client is using
>>a restricted shell? I haven't been able to try with F-secure at both ends.
> I am not sure but try giving access, via rbash, to exec the
> "sftp-server" binary.
Restricted usually shells won't allow executing binaries by full path,
which is what "Subsystem sftp /usr/libexec/openssh/sftp-server" in
OpenSSH's sshd_config does.
Try putting a link to sftp-server someplace in the restricted shell's
path, change the line in sshd_config to "Subsystem sftp sftp-server" and
You might also want to investigate "rssh", a restricted shell
specifically for scp and sftp connections.
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.