Re: ftp through a ssh-tunnel refuses my ftp-shell

From: markus berges (m.berges_at_promio.net)
Date: 07/05/05

  • Next message: Unruh: "Re: two attempted break-ins from Hong Kong & Italy" 
    Date: Tue, 5 Jul 2005 18:12:33 +0200

    thanks for your information and the interesting link

    regards markus

    "Richard E. Silverman" <res@qoxp.net> schrieb im Newsbeitrag
    news:m23bqto4cv.fsf@darwin.oankali.net...
    > >>>>> "mb" == markus berges <m.berges@promio.net> writes:
    >
    > mb> what happens is: when I give him a shell like
    > mb> "/usr/libexec/openssh/sftp-server" and write into sshd_config an
    > mb> entry like Subsystem sftp /usr/libexec/openssh/sftp-server
    >
    > mb> I can establish a ssh-connection but it aborts with "bad
    > mb> message" when I try to use it
    >
    > sshd uses the target account's shell to start all programs on the user's
    > behalf, including subsystems, by calling $SHELL -c <program>. Ordinarily
    > the configuration you quote will work with an sftp client, but only
    > by accident. sshd will run this:
    >
    > /usr/libexec/openssh/sftp-server -c /usr/libexec/openssh/sftp-server
    >
    > and as it happens, sftp-server will ignore the arguments and just run.
    > The "bad message" response is probably a different problem, perhaps:
    >
    > http://www.snailbook.com/faq/sftp-corruption.auto.html
    >
    > mb> using as a shell "/usr/sbin/vsftpd" with a sshd_config entry
    > mb> Subsystem vsftp /usr/sbin/vsftpd causes the connection to abort
    > mb> immediately
    >
    > This can never work in any way at all, since the FTP protocol is not
    > amenable to static SSH port forwarding: it uses ancillary TCP connections
    > and carries IP addresses inside the protocol.
    >
    > --
    > Richard Silverman
    > res@qoxp.net
    >

  • Next message: Unruh: "Re: two attempted break-ins from Hong Kong & Italy"