[scponly] sftp works scp does not
Kaleb Pederson
kpederson at mail.ewu.edu
Fri Feb 10 12:47:42 EST 2006
Pawel,
SFTP-Logging is a patch to OpenSSH's sftp-server that allows it to use
environment variables to log files the actions that users take while logged
into your sftp-server. If you aren't using the sftp-logging patches to
OpenSSH, then you wouldn't need it.
Gentoo, and possibly other systems, make these patches available to users.
However, this doesn't explain why it works if that's the only change that you
made. The only thing that sftp-logging should do is create the necessary
environment variables for sftp-logging to work instead of leaving an empty
environment?
What do you get as debug output now that it's working?
Thanks and I hope that helps.
--Kaleb
On Friday 10 February 2006 9:35 am, Pawel Mueller wrote:
> Hi Folks,
>
> I found it out. It was the option
> --enable-sftp-logging-compat
>
> after I found out, that I can set the debuglevel variable in
> ../etc/scponly/debuglevel I saw that:
>
> Feb 10 18:33:15 zsdweb1 scponly[31203]: processing request: "pwd"
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "LOG_SFTP" in the
> environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Found "USER" and setting it to
> "scponlytest"
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "SFTP_UMASK" in
> the environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
> "SFTP_PERMIT_CHMOD" in the environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
> "SFTP_PERMIT_CHOWN" in the environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "SFTP_LOG_LEVEL"
> in the environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
> "SFTP_LOG_FACILITY" in the environment
> Feb 10 18:33:15 zsdweb1 scponly[31203]: running: /bin/pwd (username:
> scponlytest(1004), IP/port: 129.69.3.249 4873 22)
>
> so I just disabled sftp-loggin-compat and users can login without
> problems. Strange that... can anybody explain please.
> What exactly it sftp-logging? And how I can enable it anyway?
>
> thx a lot
> Pawel
>
> Pawel Mueller wrote:
> > Hi,
> >
> > I have a problem here and can't find a solution. It's the following:
> > There are many users who should be able to login to my server via
> > scponly. Most of them are using WINscp. Since winscp now supports sftp
> > logins, too, there is only a problem with the pure scp login. If I try
> > that there are some error messages I can't interpret:
> >
> > Befehl 'groups'
> > fehlgeschlagen mit Beendigungscode 0 und Fehlernachricht
> > *** glibc detected *** free(): invalid pointer: 0x0000000000504c20 ***.
> >
> > means:
> > command 'groups'
> > failed with returncode 0 and failuremessage
> > *** glibc detected *** free(): invalid pointer: 0x0000000000504c20 ***.
> >
> > after ignoring the same appears with 'pwd' instead of 'group'. This a
> > have to ignore very often, then I am loged in, but in a empty directory
> > and when try to do anything, a have to ignore the 'pwd' failures again,
> > but with no effekt.
> >
> > I'm using SuSE Enterprise Distro
> > I compiled scponly-4.6 with:
> > ./configure --enable-winscp-compat --enable-sftp-logging-compat
> > --enable-scp-compat --enable-rsync-compat --prefix=/usr/local/
> > --with-sftp-server
> >
> > I had to hack the configure script in the line where as_dummy variable
> > is defined, because my sftp-server ist in /usr/lib64/ssh/ and the
> > --with-sftp-server flag simply ignored the path a gave it :-/
> >
> > so it would be great If sombody have an idea of what went wrong and how
> > I can fix it.
> >
> > many thanks
> > Pawel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20060210/e41671a5/attachment.bin
More information about the scponly
mailing list