[scponly] sftp works scp does not

Pawel Mueller pawel.mueller at rus.uni-stuttgart.de
Fri Feb 10 12:56:40 EST 2006 

Hi Kaleb,

I realy only made this change. I thought that this can't be only this,
so I did it 3 times.
The scponly debug output is now:

Feb 10 18:51:51 zsdweb1 scponly[3418]: 1 arguments in total.
Feb 10 18:51:51 zsdweb1 scponly[3418]:  arg 0 is -scponly
Feb 10 18:51:51 zsdweb1 scponly[3418]: opened log at LOG_AUTHPRIV, opts
0x00000009
Feb 10 18:51:51 zsdweb1 scponly[3418]: retrieved home directory of
"/home/scponlytest" for user "scponlytest"
Feb 10 18:51:51 zsdweb1 scponly[3418]: setting uid to 1004
Feb 10 18:51:51 zsdweb1 scponly[3418]: entering WinSCP compatibility
mode [username: scponlytest(1004), IP/port: 129.69.3.249 4885 22]
Feb 10 18:51:52 zsdweb1 scponly[3418]: processing request: "groups"
Feb 10 18:51:52 zsdweb1 scponly[3418]: running: /usr/bin/groups
(username: scponlytest(1004), IP/port: 129.69.3.249 4885 22)
Feb 10 18:51:53 zsdweb1 scponly[3418]: processing request: "pwd"
Feb 10 18:51:53 zsdweb1 scponly[3418]: running: /bin/pwd (username:
scponlytest(1004), IP/port: 129.69.3.249 4885 22)
Feb 10 18:51:53 zsdweb1 scponly[3418]: processing request: "ls -la
--full-time"
Feb 10 18:51:53 zsdweb1 scponly[3418]: running: /bin/ls -la --full-time
(username: scponlytest(1004), IP/port: 129.69.3.249 4885 22)


so everythings looks fine.

thx for explaining :-)

have a nice evening
Pawel


Kaleb Pederson wrote:
> Pawel,
> 
> SFTP-Logging is a patch to OpenSSH's sftp-server that allows it to use 
> environment variables to log files the actions that users take while logged 
> into your sftp-server.  If you aren't using the sftp-logging patches to 
> OpenSSH, then you wouldn't need it.
> 
> Gentoo, and possibly other systems, make these patches available to users.
> 
> However, this doesn't explain why it works if that's the only change that you 
> made.  The only thing that sftp-logging should do is create the necessary 
> environment variables for sftp-logging to work instead of leaving an empty 
> environment?
> 
> What do you get as debug output now that it's working?
> 
> Thanks and I hope that helps.
> 
> --Kaleb
> 
> 
> On Friday 10 February 2006 9:35 am, Pawel Mueller wrote:
> 
>>Hi Folks,
>>
>>I found it out. It was the option
>>--enable-sftp-logging-compat
>>
>>after I found out, that I can set the debuglevel variable in
>>../etc/scponly/debuglevel I saw that:
>>
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: processing request: "pwd"
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "LOG_SFTP" in the
>>environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Found "USER" and setting it to
>>"scponlytest"
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "SFTP_UMASK" in
>>the environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
>>"SFTP_PERMIT_CHMOD" in the environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
>>"SFTP_PERMIT_CHOWN" in the environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find "SFTP_LOG_LEVEL"
>>in the environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: Unable to find
>>"SFTP_LOG_FACILITY" in the environment
>>Feb 10 18:33:15 zsdweb1 scponly[31203]: running: /bin/pwd (username:
>>scponlytest(1004), IP/port: 129.69.3.249 4873 22)
>>
>>so I just disabled sftp-loggin-compat and users can login without
>>problems. Strange that... can anybody explain please.
>>What exactly it sftp-logging? And how I can enable it anyway?
>>
>>thx a lot
>>Pawel
>>
>>Pawel Mueller wrote:
>>
>>>Hi,
>>>
>>>I have a problem here and can't find a solution. It's the following:
>>>There are many users who should be able to login to my server via
>>>scponly. Most of them are using WINscp. Since winscp now supports sftp
>>>logins, too, there is only a problem with the pure scp login. If I try
>>>that there are some error messages I can't interpret:
>>>
>>>Befehl 'groups'
>>>fehlgeschlagen mit Beendigungscode 0 und Fehlernachricht
>>>*** glibc detected *** free(): invalid pointer: 0x0000000000504c20 ***.
>>>
>>>means:
>>>command 'groups'
>>>failed with returncode 0 and failuremessage
>>>*** glibc detected *** free(): invalid pointer: 0x0000000000504c20 ***.
>>>
>>>after ignoring the same appears with 'pwd' instead of 'group'. This a
>>>have to ignore very often, then I am loged in, but in a empty directory
>>>and when try to do anything, a have to ignore the 'pwd' failures again,
>>>but with no effekt.
>>>
>>>I'm using SuSE Enterprise Distro
>>>I compiled scponly-4.6 with:
>>>./configure --enable-winscp-compat --enable-sftp-logging-compat
>>>--enable-scp-compat --enable-rsync-compat --prefix=/usr/local/
>>>--with-sftp-server
>>>
>>>I had to hack the configure script in the line where as_dummy variable
>>>is defined, because my sftp-server ist in /usr/lib64/ssh/ and the
>>>--with-sftp-server flag simply ignored the path a gave it :-/
>>>
>>>so it would be great If sombody have an idea of what went wrong and how
>>>I can fix it.
>>>
>>>many thanks
>>>Pawel
>>>
>>>
>>>------------------------------------------------------------------------
>>>
>>>_______________________________________________
>>>scponly mailing list
>>>scponly at lists.ccs.neu.edu
>>>https://lists.ccs.neu.edu/bin/listinfo/scponly

-- 
Pawel Müller (Hiwi)                Information & Medien
                                   und Verwaltung
Rechenzentrum
Universitaet Stuttgart
Allmandring 30
70550 Stuttgart                   http://www.rus.uni-stuttgart.de

More information about the scponly mailing list