[scponly] ssh server no longer scponly's

Heath Henderson hendersonh at unit5.org
Thu Feb 10 11:08:30 EST 2005 

It actually works fine for local accounts.  As it should.  However, with
Users Authenticated via LDAP, it no longer works on this one server.

I can login from another server or from the LDAP server itself and get
an scponly shell (as I expect).



Heath Henderson
Assistant Technology Administrator
McLean County Unit 5 Schools
Normal, IL 61761   

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPB5LcYGGX69LnzBZEQJVdwCeIfH/DOpwbOdiut29KG0AwEhzaDYAoM1q
Q2CIQ2P2RQOnaUcu3m/jXITE
=BWZp
-----END PGP SIGNATURE-----


>>> "Paul Hyder" <Paul.Hyder at noaa.gov> 2/10/2005 9:45:25 AM >>>
This sounds like a jail configuration problem.  You sure the top
level password file has scponlyc as the shell?  How do you test to
see if there is a shell?  (An "ssh ls" could work as might a few
ssh commands depending on the exact set of compiled in options but
a login shouldn't be possible unless the top level password file
isn't locked down.)
     Paul Hyder
     NOAA Forecast Systems Lab

----- Original Message -----
From: "Heath Henderson" <hendersonh at unit5.org>
Date: Thursday, February 10, 2005 0:17 am
Subject: [scponly] ssh server no longer scponly's

> I have an ssh server which up until about 30 minutes ago would allow
> logins only via WinsCP.  This is just as I had it set.
> 
> Server - Fedora C3.  Login via ssh (authentication done to LDAP 
> server)
> Everything seems to be working normally, but login via ssh 
> terminal now
> allows a shell?  I can login to the Server directly and get the 
> correctscponly shell denial, but not the ssh server?  Thoughts?  
> 
> Heath Henderson
> Assistant Technology Administrator
> McLean County Unit 5 Schools
> Normal, IL 61761   
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <" 
> target="l">http://www.pgp.com>
> iQQ2CIQ2P2RQOnaUcu3m/jXITE
> =BWZp
> -----END PGP SIGNATURE-----
> 
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu 
> https://lists.ccs.neu.edu/bin/listinfo/scponly 
>

More information about the scponly mailing list