[scponly] Why isn't scponlyc siphoning off the path following the double slash?
Maurice Volaski
mvolaski at aecom.yu.edu
Thu Nov 1 02:43:20 EDT 2007
On a 64-bit Gentoo system, I have the following in /etc/passwd
planaria:x:1004:1009::/home/halllvd/planaria//hallweb:/usr/sbin/scponlyc
So /home/halllvd/planaria/ is the user's account on this system and
also the chroot environment and it's owned by root, not this user.
The .ssh directory for this user is in there, too.
I can ssh to it given a bash shell here, and I can chroot to it, too.
hallweb is the writable directory for this user within the chrooted
environment and also the home in /etc/passwd of the chrooted
environment.
Without the double slash present, rsync can write files in it. But
with the double slash present, rsync cannot connect and I see in the
sshd debug
debug1: trying public key file
/home/halllvd/planaria//hallweb/.ssh/authorized_keys
So for some reason, sshd is receiving this whole path, double slashes
and all. Shouldn't scponlyc be siphoning off that information, so
sshd sees just the chrooted path, which is where the .ssh directory
is?
--
Maurice Volaski, mvolaski at aecom.yu.edu
Computing Support, Rose F. Kennedy Center
Albert Einstein College of Medicine of Yeshiva University
More information about the scponly
mailing list