[scponly] What's needed to make sftp work?
Whit Blauvelt
whit at transpect.com
Thu Feb 16 16:30:03 EST 2006
Okay, something's missing from the docs. A reasonably default installation
does not work for sftp:
Feb 16 16:06:01 china sshd[7563]: Accepted keyboard-interactive/pam for joann from 12.12.12.12 port 41683 ssh2
Feb 16 16:06:01 china sshd(pam_unix)[7578]: session opened for user joann by (uid=0)
Feb 16 16:06:01 china sshd[7578]: subsystem request for sftp
Feb 16 16:06:01 china scponly[7579]: 3 arguments in total.
Feb 16 16:06:01 china scponly[7579]: ^Iarg 0 is scponly
Feb 16 16:06:01 china scponly[7579]: ^Iarg 1 is -c
Feb 16 16:06:01 china scponly[7579]: ^Iarg 2 is /usr/lib/misc/sftp-server
Feb 16 16:06:01 china scponly[7579]: opened log at LOG_AUTHPRIV, opts 0x00000029
Feb 16 16:06:01 china scponly[7579]: retrieved home directory of "/web/howard" for user "joann"
Feb 16 16:06:01 china scponly[7579]: setting uid to 1015
Feb 16 16:06:01 china scponly[7579]: processing request: "/usr/lib/misc/sftp-server"
Feb 16 16:06:01 china scponly[7579]: denied request: /usr/lib/misc/sftp-server (resolved to: sftp-server) ...
Feb 16 16:06:01 china sshd(pam_unix)[7578]: session closed for user joann
Now, I'm imagining that there's someplace that should be obvious that
scponly's looking up what requests it should allow. But that place is not
described (or I'm missing it) in the man page, the INSTALL, or the README.
On a normal sftp connection, sftp-server runs fine:
8414 ? Ss 0:00 /usr/lib/misc/sftp-server
Whit
More information about the scponly
mailing list