[scponly] Re: Still strange things with scp in chroot... :-|

Sun Apr 2 13:24:42 EDT 2006

Hi ! :)

Nobody has a clue ?...
I'm still looking for the solution, but no idea.

Only one question : the scp binary in the chrooted directory is
supposed to be the same as in the normal system, isn't it ? or is it
like "group" binary, which is a special one for jail ?
Because at this time, I only used the /usr/bin/scp to put into the
chrooted directory (/home/testuser/usr/bin/scp)...

Cheers,

YLB.

P.S.: btw, the error message using WinSCP is [badly translated by
myself ;o)] "Unable to start SCP transfer. Please check that SCP is
well installed on the server and that it is in the PATH. You can also
use SFTP rather than SCP. Command failed with error code 255.". :(

2006/3/30, YLB <ylebihan at gmail.com>:
> Hello everybody ! :-)
>
> Well, there's still one thing I don't understand. I'm now able to
> connect to my server's chrooted account using scp. I get the result of
> "ls -la" with no matter.
> But when I try to transfer or get a file, scp doesn't work ! The
> binary "scp" is well put in the directory {chroot}/usr/bin/ and the
> system finds it.
>
> -------------------------------------
>
> Using debug, I get this in the syslog :
>
> Mar 30 20:18:11 server scponly[11572]: running: /usr/bin/scp -t .
> (username: testuser(517), IP/port: xxx.yyy.zzz.uu 55717 22)
>
> -------------------------------------
>
> So, it's running. But on the client machine, I get this :
>
> [me at other-server me]$ scp file-to-test.txt testuser at server.domain.com:
> Password:
> unknown user 517
> lost connection
> [me at other-server me]$
>
> -------------------------------------
>
> I thought of a problem with passwd / group files but I don't understand :
>
> Without chroot:
>
> [root at server root]# cat /etc/passwd | grep testuser
> testuser:x:517:517::/home/testuser//testuser:/usr/local/sbin/scponlyc
> [root at server root]# cat /etc/group | grep testuser
> testuser:x:517:
> [root at server root]#
>
> -------------------------------------
>
> In chrooted directory:
>
> [root at server root]# cat /home/testuser/etc/passwd | grep testuser
> testuser:x:517:517::/testuser:/usr/local/sbin/scponlyc
> [root at server root]# cat /home/testuser/etc/group | grep testuser
> testuser:x:517:
> [root at server root]#
>
> -------------------------------------
>
> Do you have any idea ? I've been working on that a long time and I'm
> exhausted... I go asleep now, but I would be very happy if someone
> could help me !! ;)
>
> Cheers,
>
> YLB.