similar to: sftp-server versus internal-sftp

On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not

https://bugzilla.mindrot.org/show_bug.cgi?id=2230 Bug ID: 2230 Summary: Undocumented sftp put -r quirk: Couldn't canonicalize: No such file or directory Product: Portable OpenSSH Version: 6.5p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5

Hi, The following discussion was posted to comp.security.ssh however, it seems that my problems may be a bug in SSH. Could someone please indicate whether there is a bug fix, or perhaps whether I should go back a version or so. In summary: - Win98 machine (client) - OpenSSH as packaged with Cygwin tools 1.1.8 (openssh-2.5.2p2-3) - Connecting to a Sun running Solaris. ssh: SSH Secure Shell

As of Sunday evening, OpenSSH has an interactive sftp client. It should be in the more recent snapshots. It would be appreciated if you could test new client and find all the bugs :) Please also have a read of the manpage and ensure that it matches what is implemented. I am working on fixing the ones that I know about, so please try to stay up to date with the snapshots. Thanks, Damien

On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and not to > allow access to other parts of the system. > >

Hi guys, I have a server setup with openssh-5.0p1 and use some users as sftp-only chroot accounts. The following configuration yields exactly the result I want: user is chrooted, logs to syslog, all is good. #================================================# Subsystem sftp internal-sftp -f AUTHPRIV -l VERBOSE Match User fredwww ChrootDirectory %h #ForceCommand internal-sftp

On Tue, 2020-06-23 at 08:06 +0200, Markus Friedl wrote: > I had something in mind like this for years, but with slightly > different steps: > My naive approach would be to keep the scp user interface and switch > to the sftp protocol internally. We could add a -M [scp|sftp] option > to scp and select the internal protocol. Later we switch the default > from scp to sftp. > No

I've configured OpenSSH_5.3p1 to only allow sftp connections (openssh chroot functionality). i.e. Subsystem sftp internal-sftp Match group sftpusers ChrootDirectory /chroot/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp So far everything works correctly with sftp but when a user ssh's or scp's to the box the login

Dear all, i've appended the below to /etc/bashrc it works like a charm with ssh connections though SFTP sessions fail since the below is being sent to the intiator. any way of limiting the below to none sftp sessions? or any other idea for it to work? # If id command returns zero, you?ve root access. if [ $(id -u) -eq 0 ]; then # you are root, set red colour prompt echo

On Wed, 15 Jul 2020, Red Cricket wrote: > I have had this in my .bashrc for years: > > alias scp='rsync -avzP' Similar, though I named it rcp because nobody has the real rcp installed any more, but sometimes I need scp to connect to systems that lack rsync. https://evolvis.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=shellsnippets/shellsnippets.git;a=blob;f=mksh/rcp;hb=HEAD >

Why can the local and remote paths be sanitized? Regards, Uri > On Jul 31, 2020, at 19:57, Ethan Rahn <ethan.rahn at gmail.com> wrote: > > ?I wanted to bring this up again due to: > https://github.com/cpandya2909/CVE-2020-15778/. This showcases a clear > issue with scp which it sounds like cannot be fixed without breaking scp. > This seems like it would lend some impetus

Hi, As of OpenSSH 6.5 on Ubuntu 14.04 (package version 1:6.5p1-6), there appears to be an undocumented requirement for the sftp "put -r" command. In order to "put -r foo", a remote directory named "foo" must already exist. If a remote directory named foo does not exist, the following (confusing) error message is displayed: sftp> put -r foo Uploading foo/ to

Hi, I am trying to use internal-sftp to limit sftp only access to a set of users. I have set sshd_config as follows sshd_config =========== Subsystem sftp internal-sftp -f LOCAL0 -l VERBOSE Match group ftp ChrootDirectory /sftp/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp -f LOCAL0 -l VERBOSE Match I am able to access internal-sftp and run sftp sessions properly.

https://bugzilla.mindrot.org/show_bug.cgi?id=1606 Summary: internal-sftp does not drop conections properly, it will hang Product: Portable OpenSSH Version: 5.2p1 Platform: Itanium OS/Version: HP-UX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo:

Hello, We have recently had a new problem with one of the users on one of our servers. Filezilla claims it connects and authenticates, but then fails to list the directory (although no error message is output, it just eventually times out. There is the full output of filezilla located here: http://pastebin.com/tAVcSP8Y. >From the server side, the most verbose output I can make it print can

Hi all, I'm setting up a system where users will only be able to use "sftp" but not "ssh" to connect to the server (http://www.snailbook.com/faq/restricted-scp.auto.html). Here's the setup... Server: OpenSSH 2.5.2p2-1 on RH Linux Client: Commercial SSH 2.4 on Solaris The vendor on the client system creates a key pair and sends it to me. I then add the vendor's

Hi all, I am using Match directive and internal-sftp to chroot sftp users into their directory. Connection and login works. I can change directories and put/get files. Also logging of the internal sftp-process works (created a /dev/log socket inside the chroot). As soon as I use the 'ls' command, nothing happens and the the process gets stuck. Listing files does work as soon as I remove

Hope ya'all can help! Been reading and reading, and adjusting... to no avail. We need to have chroot'd SFTP activities logged on a file server and for whatever reason, I simply cannot get it to log with users that are chroot'd (this is necessary for auditing and HIPAA - so it is pretty important) I have tried with Fedora 11/12 and even an older Fedora 8 server, the same results: 1.

https://bugzilla.mindrot.org/show_bug.cgi?id=1527 Summary: ForceCommand internal-sftp needs a way to enable logging Product: Portable OpenSSH Version: 5.1p1 Platform: Itanium2 OS/Version: HP-UX Status: NEW Severity: minor Priority: P4 Component: sftp-server AssignedTo:

Hi! I want to set a OpenSSH server which restricts some users to only chrooted SFTP, while others have full/normal ssh, scp and sftp access. Most or all guides on the web say that I should enable the config line "Subsytem sftp internal-sftp" among other things, but I've found out that this only causes non-restricted users to not be able use SFTP at all, only the chrooted users.