Displaying 20 results from an estimated 12000 matches similar to: "[Bug 1715] New: Integrate patch to provide ability to force 'umask' in sftp-server"
2009 Jan 09
1
setting umask for internal-sftp users
I'm running OpenSSH 5.1p1 on openSUSE 10.3 (i586) and I want to setup chroot jails for certain
SFTP-only users. I use the following lines in my sshd_config file:
Match Group sftponly
ChrootDirectory /home/chroot-%u
ForceCommand internal-sftp
It works great.
The problem is that some of my users need umask 002 for their uploads. I tried a few ways to
achieve this:
* set umask in sshrc,
2010 Dec 09
3
[Bug 1844] New: Explicit file permissions enhancement to sftp-server
https://bugzilla.mindrot.org/show_bug.cgi?id=1844
Summary: Explicit file permissions enhancement to sftp-server
Product: Portable OpenSSH
Version: 5.6p1
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: sftp-server
AssignedTo: unassigned-bugs at mindrot.org
2023 Sep 19
1
Subsystem sftp invoked even though forced command created
This is a new branch of an old thread, made necessary because the email system here purges sent messages after a period of time so I can't reply to the last message in the thread. The operative portion of that last message (retrieved from the archives and dated July 3, 2023) follows:
/*****/
So I set up a fresh key to use for this test, and gave it similar parameters.
I wasn't aware of
2007 Feb 19
1
sftp logging
hello!
i want to use the new options for sftp logging (openshh version 4.5,
solaris 10), but sshd doesn't know the options (LogSftp, Sftpxxxxx)
from the release notes 4.4:
"
* Add optional logging of transactions to sftp-server(8).
"
4.5 is only a bug fix version.
from http://sftplogging.sourceforge.net/
"
NOTICE: 1/31/2007. This patch is superseded by the sftpfilecontrol
2015 Sep 15
0
rsyslog for chrooted sftp users has stopped working -- Centos 6.6
And no sooner do I send the email than I spot the problem. Oops! Sorry
about that.
The sshd_config needed to contain a different internal-sftp line:
Match User test-sftp-only
ChrootDirectory /home/sftp/mcsosftp
ForceCommand internal-sftp -f AUTHPRIV -l INFO
PasswordAuthentication no
AuthorizedKeysCommand /usr/local/bin/get_sftp_key
That's gotten
2010 May 13
1
sshd dies if passed host key with relative path on command line
Hi all,
I noticed that openssh5.5 finally revised this bug, pls check the bugzilla
https://bugzilla.mindrot.org/show_bug.cgi?id=1290
but when i test it both on linux and hp-ux, it will still fails:
In hp-ux, server side:
root at sshia2# /opt/ssh/sbin/sshd -p 1234 -D -h ssh_host_dsa_key -ddd
..........
debug3: send_rexec_state: entering fd = 9 config len 322
debug3: ssh_msg_send: type
2017 Dec 14
4
[SFTP] Possibility for Adding "ForceFilePermission" option
Hi,
I understand that if I specify `ForceCommand internal-sftp -u <umask>`, the permission of any files uploaded via sftp will be calculated by `<original permission> & ~umask`. However, this can be bypassed by the `-P` option of `put` command. We are developing a shared hosting platform, therefore we definitely don?t want our users being able to upload any executable files. We
2015 Sep 15
2
rsyslog for chrooted sftp users has stopped working -- Centos 6.6
Hello everyone,
We have some chrooted sftp-only users on a CentOS release 6.6 server. The
server had been logging their actions, but after recent updates the logs
have stopped.
The server correctly logs non-chrooted users:
Sep 14 17:47:24 vsecure4 sshd[1981]: Accepted publickey for jcours from
192.168.10.166 port 42545 ssh2
Sep 14 17:47:24 vsecure4 sshd[1981]: pam_unix(sshd:session):
2008 Sep 23
3
[Bug 1527] New: ForceCommand internal-sftp needs a way to enable logging
https://bugzilla.mindrot.org/show_bug.cgi?id=1527
Summary: ForceCommand internal-sftp needs a way to enable
logging
Product: Portable OpenSSH
Version: 5.1p1
Platform: Itanium2
OS/Version: HP-UX
Status: NEW
Severity: minor
Priority: P4
Component: sftp-server
AssignedTo:
2008 Jun 20
1
ForceCommand internal-sftp causes sftp logging to fail (openssh-5.0p1)
Hi guys,
I have a server setup with openssh-5.0p1 and use some users as
sftp-only chroot accounts.
The following configuration yields exactly the result I want:
user is chrooted, logs to syslog, all is good.
#================================================#
Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE
Match User fredwww
ChrootDirectory %h
#ForceCommand internal-sftp
2017 Dec 18
2
[SFTP] Possibility for Adding "ForceFilePermission" option
Hi Jakub,
Sorry for the late reply. I was off from work for a few days.
I?ve tried to add the noexec, nosuid and nodev mount options but it seems to have some difficulties to do so with kubernetes nfs-mount. I?ll keep trying to resolve it anyway.
The patch you pasted is exactly the thing I wanna have. I think it?s super useful and I definitely vote yes for merging it to master. I was actually
2014 Jun 25
4
SFTP &
Hello List.
?
i?m trying to setup a limited SSH server with SFTP.
The requirements:
-????????? There are users to whom only SFTP should be available. (sftp-only group)
-????????? There are users to whom SFTP and shell access should be available (admin group)
-????????? SFTP clients have to authenticate with username and password
-????????? shell users have to authenticate with private key.
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote:
> I am supporting a site that allows members to upload release files. I
> have inherited this site which was previously existing. The goal is
> to allow members to file transfer to and from their project area for
> release distribution but not to allow general shell access and not to
> allow access to other parts of the system.
>
>
2006 Sep 15
1
[Bug 1229] No way to set default umask for SFTP server
http://bugzilla.mindrot.org/show_bug.cgi?id=1229
Summary: No way to set default umask for SFTP server
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: Mac OS X
Status: NEW
Severity: enhancement
Priority: P2
Component: sftp-server
AssignedTo: bitbucket at mindrot.org
2010 Nov 02
1
SFTP subsystem and umask
Hello,
I have noticed that the -u parameter to the sftp-server or internal-sftp subsystem is not working correctly. For openssh-5.6p1 I believe that the problem lies in this code, starting at line 1414 in sftp-server.c:
----------------------------------------------------------
case 'u':
mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg);
if (errmsg != NULL)
2009 May 18
6
[Bug 1599] New: "ForceCommand internal-sftp" not working as expected
https://bugzilla.mindrot.org/show_bug.cgi?id=1599
Summary: "ForceCommand internal-sftp" not working as expected
Product: Portable OpenSSH
Version: 5.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2023 Nov 12
1
restrict file transfer in rsync, scp, sftp?
On 12.11.23 03:52, Damien Miller wrote:
> On Sat, 11 Nov 2023, Bob Proulx wrote:
>
>> I am supporting a site that allows members to upload release files. I
>> have inherited this site which was previously existing. The goal is
>> to allow members to file transfer to and from their project area for
>> release distribution but not to allow general shell access and not
2006 Nov 09
1
[Bug 1229] No way to set default umask for SFTP server
http://bugzilla.mindrot.org/show_bug.cgi?id=1229
------- Comment #2 from hans at parse.nl 2006-11-09 20:52 -------
I think there's a bunch of Gentoo users including me that are
interested in this feature aswell, now that the Gentoo core system
packages team decided to ditch the sftplogging
(http://sftplogging.sourceforge.net/) features of the openssh ebuild.
See my ticket at
2010 Nov 04
0
SFTP subsystem and explicit file permissions
Hello again,
Now that umask is working (thanks very much!) I have found that I would
like to see more control over sftp-server/internal-sftp file
permissions.
Given that previous patches (sftp file control comes to mind) were
produced indicates there are other users that would also like more
control over file permissions.
My solution was to add yet another option to sftp-server/internal-sftp
2015 May 22
5
[Bug 2404] New: scp skips file/directory on permissions error
https://bugzilla.mindrot.org/show_bug.cgi?id=2404
Bug ID: 2404
Summary: scp skips file/directory on permissions error
Product: Portable OpenSSH
Version: 6.7p1
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: scp
Assignee: unassigned-bugs at mindrot.org