[scponly] scponly interactive question

[wbr oblyr]

hey scott, good question.  i've been wondering why no one every asked this
question.

what you're seeing is the winscp compatibility feature talking back to
you.  winscp compatibility *IS* an interactive shell.  if you turn on the
logging in winscp, you can see what winscp does when it logs in.

basically, winscp (or anything pretending to be winscp) is able to issue
commands like chown, rm, scp, etc - one after the other without logging
out.  while this may seem like this completely contracts the point of
scponly, the only command that is allowed in winscp compatibility that is
not allowed in the noninteractive nonwinscp mode is "cd".  furthermore,
the argument checking is not more lenient is winscp-mode than it is in
nonwinscp mode.  in fact, its the same code.

but, if you're not comfortable with the distinction between an interactive
and noninteractive shell session, you can easily disable winscp
compatibility at compile time, like so:

./configure --disable-winscp-compat

then reinstall and you will find scponly is much less polite to people who
try to ssh in.

joe

----

PGP KEY: http://www.sublimation.org/contact.html
PGP Key fingerprint = EC4B 0DA5 B4F6 BDDD 9176 55D6 3A6A 7D63 158F 22D2


On Mon, 24 Mar 2003, Scott Johnson wrote:

> Hello,
>
> I'm wondering exactly what happens when I make an interactive connection to
> my server that is running scponly.  When I connect, I get this:
>
>  > ssh localhost
> scottj at localhost's password:
> Last login: Mon Mar 24 16:57:01 2003 from xxx.xxx.org
>
> And then, any text input in that session returns the following line:
>
> WinSCP: this is end-of-file:0
>
> Why does this happen?  It would seem to me that scponly should not allow
> this type of interactive session.  What can I do to prevent this?
>
> Thanks,
> Scott
>
>
>
>
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>