Re: scp and Linux Restricted Shell

From: Darren Tucker (dtucker_at_zip.com.au)
Date: 11/02/04

  • Next message: Binninger, Martin: "Starting daemon using ssh"
    Date: Tue, 02 Nov 2004 21:59:34 +1100
    To: Robert Hajime Lanning <robert.lanning@gmail.com>
    
    

    Robert Hajime Lanning wrote:
    > On Fri, 29 Oct 2004 15:21:48 -0700, Caprio, Don
    > <don.caprio@bankofamerica.com> wrote:
    >
    >>Anybody have a clue why scp will not work with F-Secure when the OpenSSH client is using
    >>a restricted shell? I haven't been able to try with F-secure at both ends.
    >
    > I am not sure but try giving access, via rbash, to exec the
    > "sftp-server" binary.

    Restricted usually shells won't allow executing binaries by full path,
    which is what "Subsystem sftp /usr/libexec/openssh/sftp-server" in
    OpenSSH's sshd_config does.

    Try putting a link to sftp-server someplace in the restricted shell's
    path, change the line in sshd_config to "Subsystem sftp sftp-server" and
    restart sshd.

    You might also want to investigate "rssh", a restricted shell
    specifically for scp and sftp connections.

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
    

  • Next message: Binninger, Martin: "Starting daemon using ssh"