Displaying 20 results from an estimated 56 matches for "rssh".
Did you mean:
rss
2005 Jan 15
0
rssh and scponly arbitrary command execution
I just released rssh version 2.2.3 to fix the problem detailed below.
I haven't had time to update my website yet, and my Internet acess is
quite limited these days (hence the terse announcement), so I probably
won't get to that for a while. However, rssh 2.2.3 is available from
the sourceforge.net site:
ht...
2004 Oct 23
1
rssh: pizzacode security alert
PIZZACODE SECURITY ALERT
program: rssh
risk: low[*]
problem: string format vulnerability in log.c
details:
rssh is a restricted shell for use with OpenSSH, allowing only scp
and/or sftp. For example, if you have a server which you only want to
allow users to copy files off of via scp, without providing shell
access, you can use rssh t...
2004 Dec 03
1
[BUGTRAQ] rssh and scponly arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[This came over BUGTRAQ this morning. Note the call for volunteers
vis-a-vis rssh.]
- ----- Forwarded message from Jason Wies <jason at xc.net> -----
List-Id: <bugtraq.list-id.securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com>
To: bugtraq at securityfocus.com
Cc: rssh-discuss at lists.sourceforge.net
Subject: rssh and scponly a...
2004 Jun 19
0
security flaw in rssh
rssh is a small shell whose purpose is to restrict users to using scp
or sftp, and also provides the facilities to place users in a chroot
jail. It can also be used to lock users out of a system completely.
William F. McCaw identified a minor security flaw in rssh when used
with chroot jails.
There is...
2008 Mar 08
1
rsync 3.0 and rssh
Since rsync 3.0 i've detected a problem with rssh and -e option....rssh
doesn't allow this option...but is essential to me (cyphered transmission
with ssh).
Surfing the net i've seen a guy that made a patch but I don't know how
reliable is...and rssh former programer says he just left the project so
it's no longer his problem.
Is...
2003 Jul 07
0
[semi-OT] rssh FINAL RELEASE! Well, hopefully.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm pleased to announce that rssh now has per-user configurations!
Today I released rssh v2.1.0 with that last peice of functionality to
be added, bringing active development of rssh to a close.
Additionally, I spent several hours testing and debugging this release
as thoroughly as I could think to, and I'm pleased to report (t...
2005 Dec 30
5
rssh: root privilege escalation flaw
Affected Software: rssh - all versions prior to 2.3.0
Vulnerability: local user privilege escalation
Severity: *CRITICAL*
Impact: local users can gain root access
Solution: Please upgrade to v2.3.1
Summary
-------
rssh is a restricted shell which allows a system administrator to
limit users' access to a syste...
2003 Jul 02
0
[semi-OT] rssh
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I released rssh v2.0.4 today. It fixes bugs in the parser which
affect quoted arguments in the config file, as well as the code which
builds the vector for the arguments to the exec call. In the latter
case, arguments which contain a space were treated as two sepearate
args. The man page was also updated to inc...
2003 Jan 02
0
rssh 1.0.4 released
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi folks,
Today I released rssh 1.0.4. rssh is a small replacement shell that
provides the ability for system administrators to give specific users
access to a given system via scp or sftp only.
For downloads or more information, visit the rssh homepage:
http://www.pizzashack.org/rssh
This release fixes a stupid bug caused...
2008 Oct 05
4
Why is -e sent to the remote rsync side?
...erver --sender -de.L .
As we can see, rsync runs ssh, and tells it to run, on the other side,
rsync with the "-e" flag. I am not really sure what and how the "." and
"L" are parsed by rsync (part of my problem).
The reason this is brought up is because I'm using rssh
(http://www.pizzashack.org/rssh/) as the user's shell to limit that user
to only be allowed to run rsync. Rssh, however, prevent the passing of
the "-e" option to rsync, as it claims (with some amount of
justification) that this option allows someone to cause rsync to run any
com...
2011 Mar 27
1
rssh / scponly
List,
I am putting together a sftp server and would like to use a restrictive
shell with a chroot jail. I was wondering what members of the list
thought about rssh as opposed to scponly.
Greg Ennis
2008 Nov 03
3
Rsync from a third host?
Hello everyone,
If I have three computers (Host-A, Host-B and Host-C) .... is it possible to
execute Rsync from Host-A and use the rsync daemon via SSH on Host-B as the
source and the rsync daemon via SSH on host-C as the destination?
Thank you in advance for your help.
Kevin
--
View this message in context: http://www.nabble.com/Rsync-from-a-third-host--tp20297112p20297112.html
Sent from the
2005 Aug 04
0
Patch to selectively override a user's shell
...ody's interest here, but I have
written a patch to selectively override a user's shell dependent of
the username.
The reason behind this is, that at the high performance cluster I
work at, we would like that normal users are only permitted to use
scp and sftp (and thus a shell like rssh) on our master nodes, but
should retain their normal shell on all other nodes. With this patch,
we can define what users may retain their normal shell on the master
nodes and which ones will have their shell changed to a default one.
The patch can be found here: https://ubelix.unibe.ch/loca...
2006 Jun 24
1
[PATCH] sftp-server Restricted Access
Hello,
This patch makes it possible to restrict sftp sessions to a certain
subtree of the file system on a per-Unix account basis. It requires a
program such as rssh or scponly to function. A patch for rssh is also
attached to this email.
The method employed uses realpath() and a string comparison to check
that each file or directory access is allowed.
With this patch, sftp-server takes a command-line argument to indicate
the directory to which the user will be...
2013 Sep 24
2
Protocol negotiation issue in rsync
I was trying to use rsync to send files to a fileserver using an rssh
restricted server.
It refuses, saying that trying to override the shell with -e is forbidden. I
didn't type "-e".
When I look at the source, I see
/* Checking the pre-negotiated value allows --protocol=29 override. */
if (protocol_version >= 30) {...
2017 Sep 01
3
sftp/scp only without real users
Hi,
my goal: sftp/scp only access, without the need for linux users.
I want to provide 10 sftp/scp directories to 10 people. Let's call this
"virtual account"
I don't want to create linux users for each of them.
I would like to create one linux user (backup_user). In his
home-directory will be 10 directories. For each "virtual account" one
directory.
Every
2017 Feb 10
4
Disabling specific commands in sftp
Hi,
On CentOS 7 I?m trying to set up a chrooted SFTP server on which specific users can only read and write on specific folder. And I?d like to disable some commands, so the users can only do ?cd?, ?ls?, ?get? and ?put? (and disabling ?chgrp?, ?chmod?, ?chown?, ?df? etc ?). Is there a way to achieve it, natively or with using a third-party software ?
Alexandre MALDEME
Analyste d'exploitation
2012 Feb 07
3
Suggestion for openssh
...res.
- I needed to create an environment with only sftp access and thus used:
- Match User suporte
ForceCommand / usr / lib / openssh / sftp-server
OK! It worked perfectly! But only sftp.
- Create an environment with only blocking the ssh, but scp and sftp
access, I used:
- Rssh;
- Mysecureshell;
- Scponly.
Work, but change my SHELL, and also created another
environment for authentication and this is not good.
So I suggest to you developers the following idea:
- Create the following options to sshd_config:
- DenyCmdssh
- DenyCmdscp
- DenyCmd...
2019 Jan 23
3
Status of SCP vulnerability
I worked on a proposal like this a few years back (including proof of
concept code).? I taught sftp to have an scp personality (closer to scp2
than scp), and it was rejected by the higher ups.? It may have been the
dual-personality issue, but I know the scp2 concept was also rejected at
the time as it was stated there should be one transfer tool.
But the only way to drag scp into this century
2007 Sep 05
3
Chrooting SFTP over SSH2
Hi,
As per the subject line - if I look up setting up chroot jails for SFTP over
SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page
dated 2005, but what's the 'best' or 'correct' way to set this up for Centos
4.5 and 5?
Thanks