search for: scponlyc

Displaying 5 results from an estimated 5 matches for "scponlyc".

Did you mean: scponly
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
...sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in sshd_config, but not only for certian users and/or groups. Example scenario: You're on a privat network, behind a firewall. You're letting port 22 in to your linux machine. A few trusted people have normal ac...
2010 Apr 13
3
[Bug 1755] New: Broken pipe with scponly with debuglevel
...5]: chrooted binary in place, will chroot()", 55}, {"\n", 1}], 2) = -1 EPIPE (Broken pipe) 1899 31405 --- SIGPIPE (Broken pipe) @ 0 (0) --- see full strace log in attachment Behavior of sftp is sometimes random: I have reproduce with scponly in chroot, if I have change shell from scponlyc to scponly, sftp doesnt work too, but after restart of sshd sftp works. sometimes works sftp testik at 192.168.0.108 testik at 192.168.0.108's password: Connected to 192.168.0.108. sftp> sometimes whithout any changes doesnt work sftp testik at 192.168.0.108 testik at 192.168.0.108's...
2013 Oct 24
1
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
...iller <djm at mindrot.org> --- (In reply to donkishoot from comment #5) > I have a bug that i think is similar. > > I'm trying to make a jail for winbind sftp users who must have an > only sftp service (no shell). > > This is the error i found when debugging (i replace scponlyc by bash > for the test): > > ssh usersftp1 at 192.168.2.1 > bash-4.0$ chroot . > bash-4.0$ ./usr/libexec/openssh/sftp-server > No user found for uid 10653 > > Is their a workaround ? > > I had no problem with this solution on an old Fedora. We added "internal-...
2009 Jun 24
1
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
...|donkishoot at wanadoo.fr --- Comment #5 from donkishoot at wanadoo.fr 2009-06-24 23:41:20 --- I have a bug that i think is similar. I'm trying to make a jail for winbind sftp users who must have an only sftp service (no shell). This is the error i found when debugging (i replace scponlyc by bash for the test): ssh usersftp1 at 192.168.2.1 bash-4.0$ chroot . bash-4.0$ ./usr/libexec/openssh/sftp-server No user found for uid 10653 Is their a workaround ? I had no problem with this solution on an old Fedora. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=emai...
2004 May 17
4
Multi-User Security
Hello list. I would like to get your opinion on what is a safe multi-user environment. The scenario: We would like to offer to some customers of ours some sort of network backup/archive. They would put daily or weekly backups from their local machine on our server using rsync and SSH. Therefore, they all have a user account on our server. However, we must ensure that they would absolutely not be