search for: scponly

https://bugzilla.mindrot.org/show_bug.cgi?id=1755 Summary: Broken pipe with scponly with debuglevel Product: Portable OpenSSH Version: 5.4p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org Repor...

...-vis rssh.] - ----- Forwarded message from Jason Wies <jason at xc.net> ----- List-Id: <bugtraq.list-id.securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com> To: bugtraq at securityfocus.com Cc: rssh-discuss at lists.sourceforge.net Subject: rssh and scponly arbitrary command execution Message-ID: <20041202135143.GA7105 at xc.net> From: Jason Wies <jason at xc.net> Vulnerable applications: rssh All versions All operating systems scponly All versions All operat...

...ww.pizzashack.org/rssh Sorry for the slow response; I've had other priorities lately. DM On Thu, Dec 02, 2004 at 01:51:43PM +0000, Jason Wies wrote: > Vulnerable applications: > > rssh > All versions > All operating systems > scponly > All versions > All operating systems > > Not vulnerable: > > Discussion: > > rssh and scponly are restricted shells that are designed to allow execution > only of certain preset programs. Both are used to grant a user the ability >...

List, I am putting together a sftp server and would like to use a restrictive shell with a chroot jail. I was wondering what members of the list thought about rssh as opposed to scponly. Greg Ennis

Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be

Package: logcheck-database Version: 1.3.13 Severity: wishlist Hi, scponly-full (using 4.8-4.1) in Debian is compiled with additional support for rsync, unison and SVN. However, the logcheck rule is based on the original version and doesn't include those commands in the regexp. Please add those three commands to the regexp. Best regards, Markus -- System Informati...

https://bugzilla.samba.org/show_bug.cgi?id=1890 devzero at web.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |devzero at web.de ------- Comment #3 from devzero at web.de 2009-08-07 05:11 CST ------- wouldn`t it be better to give up on that effort

An embedded and charset-unspecified text was scrubbed... Name: msg.pgp Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020820/23eb5774/attachment.ksh

-----Original Message----- From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Rainer Duffner Sent: Samstag, 21. Oktober 2017 00:41 To: CentOS mailing list Subject: Re: [CentOS] scp setup jailed chroot on Centos7 > Am 20.10.2017 um 15:58 schrieb Adrian Jenzer <a.jenzer at herzogdemeuron.com>: > > Dear all > > I'm looking for instructions on how to setup a

...onment with only sftp access and thus used: - Match User suporte ForceCommand / usr / lib / openssh / sftp-server OK! It worked perfectly! But only sftp. - Create an environment with only blocking the ssh, but scp and sftp access, I used: - Rssh; - Mysecureshell; - Scponly. Work, but change my SHELL, and also created another environment for authentication and this is not good. So I suggest to you developers the following idea: - Create the following options to sshd_config: - DenyCmdssh - DenyCmdscp - DenyCmdsftp All three options above with de...

A client wants me to set up a mechanism whereby his customers can drop files securely into directories on his FreeBSD server; he also wants them to be able to retrieve files if needed. The server is already running OpenSSH, and he himself is using Windows clients (TeraTerm and WinSCP) to access it, so the logical thing to do seems to be to have his clients send and receive files via SFTP or SCP.

Hi, As per the subject line - if I look up setting up chroot jails for SFTP over SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page dated 2005, but what's the 'best' or 'correct' way to set this up for Centos 4.5 and 5? Thanks

Hi, We re doing backups of all filesystems to a dedicated server using "rsync -x". Now, the latest CentOS versions (5.7/6.x) come with rsync-3.0.6 instead of rsync-2.x. That's nice but unfortunately it doesn't do the same as 2.x in certain situations. The problem is with the -x option, which does not delete content under a mount point anymore. It was my impression that this is

...lems I see are code auditting (which, while I understand C, I don't know the ssh source well enough to understand the patch), as well as waiting on patches to newly announced vulnerabilities. 2. the other options that we have for this are "restricted bash" (rbash), and the "scponly" shell - does anyone have any comments on either of those two as more (or less) recommended than the chrootssh patch? any other words of wisdom are very much appreciated! thanks, -lev

...with jails, creating functional, limited chroot-environments is somewhat in its genes, so to speak) Somebody sent me the link to these scripts: https://github.com/codelibre-net/schroot Maybe you can use those scripts - I've never tried them. Also, there's scp-only: https://github.com/scponly/scponly/wiki Haven't used that in years, either. Concern over that one seemed to be that it's "another" shell and nobody had apparently done a thorough audit of it.

Hi, I'd like to be able to log file transfers to/from an SSH server (both through scp and sftp-server). Perhaps I'm not looking in the right places, but I don't see a way of doing this in the current code. The "scponly" shell goes some (small) way towards doing this, however, it logs patterns rather than filenames in scp transfers. I have even less success with sftp. If someone knows of patches that achive this aim, I'd like to hear about them or hear of any other appropriate suggestions. Alternatively...

hi,i have a question want to ask if i add a user like: useradd test groupadd test -g www and how to control user test only can see and write only folder(like /home/htdocs/test,he can not see /home/htdocs or other folder) thanks very much -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hey team, I'll be at sea on and off this week, and as such my Internet access will depend on wifi availability while in port. 22a seems stable, but if any critical problems arise, feel free to prepare a release and bug Alfie to upload it. On the brighter side, I expect to be extremely bored while offline so I'll probably get some logcheck work done. <: Cheers, -- [ Todd J.

...environments > is somewhat in its genes, so to speak) > > Somebody sent me the link to these scripts: > > https://github.com/codelibre-net/schroot > > Maybe you can use those scripts - I've never tried them. > > > Also, there's scp-only: > https://github.com/scponly/scponly/wiki > > Haven't used that in years, either. > Concern over that one seemed to be that it's "another" shell and nobody > had apparently done a thorough audit of it. > _______________________________________________ > CentOS mailing list > CentOS at cen...

...|donkishoot at wanadoo.fr --- Comment #5 from donkishoot at wanadoo.fr 2009-06-24 23:41:20 --- I have a bug that i think is similar. I'm trying to make a jail for winbind sftp users who must have an only sftp service (no shell). This is the error i found when debugging (i replace scponlyc by bash for the test): ssh usersftp1 at 192.168.2.1 bash-4.0$ chroot . bash-4.0$ ./usr/libexec/openssh/sftp-server No user found for uid 10653 Is their a workaround ? I had no problem with this solution on an old Fedora. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=ema...