[scponly] SIGPIPE when trying to connect to chrooted scponly host

Kaleb Pederson kaleb.pederson at gmail.com
Mon Apr 6 10:46:14 EDT 2009 

On Monday 06 April 2009 07:29:42 am Mark Trolley wrote:
> I can check. Which logs in particular should I be looking at? The
> information below is from auth.log. I tried grepping for scponly and
> that was the only log file I found with reference to it. I don't know
> syslog very well though.

I rarely see syslog configured consistently across different distributions, but the following are typical:

/var/log/messages
/var/log/secure
/var/log/auth*

I've never seen scponly not make it past the chroot stage without logging something useful, but that doesn't mean you're not the first.  Grep'ing for scponly seems like a perfectly acceptable way to find it, assuming there's a catch-all rule in syslog.

--Kaleb



> Thanks,
> Mark
> 
> On Mon, Apr 6, 2009 at 10:25 AM, Kaleb Pederson
> <kaleb.pederson at gmail.com> wrote:
> > Mark,
> >
> > On Sunday 05 April 2009 03:29:23 pm Mark Trolley wrote:
> >>Sorry, didn't realize my reply went straight to you.
> >
> > It's alright, that happens.
> >
> >>I don't know why it wasn't working but when I tried testing by
> >>connecting locally (# sftp user at localhost) I got that in my log.
> >>
> >>Here's what I get when I try from Filezilla from a remote host:
> > ...
> >
> >> Apr  5 18:27:38 hanzy sshd[13628]: subsystem request for sftp
> >> Apr  5 18:27:38 hanzy sshd[13628]: debug1: subsystem: exec()
> >> /usr/lib/sftp-server
> >> Apr  5 18:27:38 hanzy scponly[13629]: chrooted binary in place, will chroot()
> >> Apr  5 18:27:38 hanzy scponly[13629]: 3 arguments in total.
> >> Apr  5 18:27:38 hanzy scponly[13629]: ^Iarg 0 is scponlyc
> >> Apr  5 18:27:38 hanzy scponly[13629]: ^Iarg 1 is -c
> >> Apr  5 18:27:38 hanzy scponly[13629]: ^Iarg 2 is /usr/lib/sftp-server
> >> Apr  5 18:27:38 hanzy scponly[13629]: opened log at LOG_AUTHPRIV, opts
> >> 0x00000029
> >
> > Are you sure that's the only output being generated by scponly?  You might check a couple of the other log files as we should see something indicating that scponly chrooted to the correct directory, changed directory, etc., but none of those is present in the above.
> >
> > Thanks.
> >
> > --Kaleb
> >
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>

More information about the scponly mailing list