Displaying 20 results from an estimated 1100 matches similar to: "[Bug 1755] New: Broken pipe with scponly with debuglevel"
2004 Dec 03
1
[BUGTRAQ] rssh and scponly arbitrary command execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[This came over BUGTRAQ this morning. Note the call for volunteers
vis-a-vis rssh.]
- ----- Forwarded message from Jason Wies <jason at xc.net> -----
List-Id: <bugtraq.list-id.securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe at securityfocus.com>
To: bugtraq at securityfocus.com
Cc: rssh-discuss at
2005 Jan 15
0
rssh and scponly arbitrary command execution
I just released rssh version 2.2.3 to fix the problem detailed below.
I haven't had time to update my website yet, and my Internet acess is
quite limited these days (hence the terse announcement), so I probably
won't get to that for a while. However, rssh 2.2.3 is available from
the sourceforge.net site:
http://sourceforge.net/projects/rssh
All users of rssh should update to the
2011 Mar 27
1
rssh / scponly
List,
I am putting together a sftp server and would like to use a restrictive
shell with a chroot jail. I was wondering what members of the list
thought about rssh as opposed to scponly.
Greg Ennis
2011 Mar 09
1
Bug#617527: logcheck-database: incomplete rules for scponly-full
Package: logcheck-database
Version: 1.3.13
Severity: wishlist
Hi,
scponly-full (using 4.8-4.1) in Debian is compiled with additional support for rsync, unison and SVN.
However, the logcheck rule is based on the original version and doesn't include those commands in
the regexp.
Please add those three commands to the regexp.
Best regards,
Markus
-- System Information:
Debian Release:
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2009 Jun 24
1
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
https://bugzilla.mindrot.org/show_bug.cgi?id=1235
donkishoot at wanadoo.fr changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |donkishoot at wanadoo.fr
--- Comment #5 from donkishoot at wanadoo.fr 2009-06-24 23:41:20 ---
I have a bug that i think is
2002 Aug 21
1
vulnerabilities in scponly
An embedded and charset-unspecified text was scrubbed...
Name: msg.pgp
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020820/23eb5774/attachment.ksh
2012 Feb 07
3
Suggestion for openssh
Hi!
I do not know if it's the ideal place, but I'm sending some suggestion.
Always use openssh and its enormous features.
- I needed to create an environment with only sftp access and thus used:
- Match User suporte
ForceCommand / usr / lib / openssh / sftp-server
OK! It worked perfectly! But only sftp.
- Create an environment with only blocking the ssh, but scp and
2017 Oct 24
0
scp setup jailed chroot on Centos7
Am 2017-10-24 12:19, schrieb Adrian Jenzer:
> Hi Rainer
> I would if I could but external offers only FTP and SCP...
>
> Regards Adrian
AFAIK, for scp you need a proper shell.
I've done that exactly once (chrooted ssh) and it was such a pain that I
vowed to never do it again.
The problem is that inside the chroot, you need:
- nameresolution
- a minimal
2017 Oct 24
1
[OT]: scp setup jailed chroot on Centos7
[Sorry about "top posting": my OT question arises from the subject..]
Could someone elaborate on the "jail" under CentOS. I'm used to FreeBSD
jails, and as I run CentOS and some other Linuxes for quite some time I
was under impression that there is no such thing as jail under Linux [at
least those flavors I run]. Under Linux I did use in variety of places
chrooted
2013 Oct 24
1
[Bug 1235] [PATCH] scp does unnecessary getpwuid(), breaking chroot
https://bugzilla.mindrot.org/show_bug.cgi?id=1235
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WORKSFORME
--- Comment #7 from Damien Miller <djm at
2024 Jun 23
4
[Bug 1755] New: Impossible to copy ct mark into a packet
https://bugzilla.netfilter.org/show_bug.cgi?id=1755
Bug ID: 1755
Summary: Impossible to copy ct mark into a packet
Product: netfilter/iptables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: unknown
Assignee: netfilter-buglog at
2004 Apr 01
1
SSH Logging
Hi,
I'd like to be able to log file transfers to/from an SSH server
(both through scp and sftp-server).
Perhaps I'm not looking in the right places, but I don't see a
way of doing this in the current code. The "scponly" shell goes
some (small) way towards doing this, however, it logs patterns
rather than filenames in scp transfers. I have even less success
with sftp.
If
2003 Dec 31
2
chroot + ssh concerns
Hello,
I'm new to the list, but hopefully I've done enough digging around that
I don't get yelled at too terribly ;)
We're looking to implement a chrooted environment for allowing users to
scp files from servers. That's basically the only functionality that
we need in this case. We're looking to chroot the user and/or remove
any chance that the account can login via
2004 May 17
4
Multi-User Security
Hello list.
I would like to get your opinion on what is a safe multi-user environment.
The scenario:
We would like to offer to some customers of ours some sort of network
backup/archive. They would put daily or weekly backups from their local
machine on our server using rsync and SSH. Therefore, they all have a user
account on our server. However, we must ensure that they would absolutely
not be
2002 Jul 08
3
integrate() (PR#1755)
Full_Name: Travis Porco
Version: 1.5.1 (6/17/2002)
OS: Suse Linux 7.1
Submission from: (NULL) (66.81.124.235)
This happens:
> integrate(function(x)1,0,1)
Error in integrate(function(x) 1, 0, 1) : evaluation of function gave a result
of wrong length
> integrate(function(x)x^2,0,1)
0.3333333 with absolute error < 3.7e-15
> integrate(function(x){cat(x);1},0,1)
0.5 0.01304674 0.9869533
2004 Dec 19
2
SSH Tunnel Problem
I have set up an Rsync server on FreeBSD 5.3 and plan
on having windows clients synchronize data to it.
Rsync running as a daemon works fine. I can
successfully copy data up to the server and view it
via scp.
Also- I can connect via ssh and run rsync as well.
HOWEVER- I cannot connect "passwordless" with SSH and
then connect to the rsync daemon. The following
demonstartes what I
2012 May 10
2
Is there any method, with ChrootDirectory and internal-sftp, to automatically cd to a subdir on login?
Hi,
This is either a query or a feature request. I have a system where sftp
users are chrooted using scponly, which while requiring much more setup than
OpenSSH's internal-sftp method, has the useful feature of allowing an
initial chroot to a subdirectory, typically the one used for file exchange.
I've searched for a way to do the same thing with OpenSSH. So far haven't
found it.
If
2006 Jun 24
1
[PATCH] sftp-server Restricted Access
Hello,
This patch makes it possible to restrict sftp sessions to a certain
subtree of the file system on a per-Unix account basis. It requires a
program such as rssh or scponly to function. A patch for rssh is also
attached to this email.
The method employed uses realpath() and a string comparison to check
that each file or directory access is allowed.
With this patch, sftp-server takes a
2001 Apr 28
1
restricted shell
Hello,
I would like to elicit a discussion about the merits of a statically linked
restricted chrooting shell like scponly which incorporates the functionality of scp
and sftp. The benefits is that a chrooted user directory does not have to
contain the binaries or libraries for scp and sftp and an administrator does not have to
play games with the home path to chroot a user. The disadvantage, of