[scponly] scponly on AIX with IBMs patches to OpenSSH

Eckert, Doug Doug.Eckert at dowjones.com
Thu Oct 25 12:08:30 EDT 2012 

Thanks,

I pulled the source from GitHub and built fresh.  Same result, and it's definitely pulling in the netbsd getopt_long.  I had a look at scponly.c for where the "request denied" comes in to play.  I figured I'd try to re-run configure with "--enable-scp-compat" 

Success!  I've got more testing to do, but looking good so far.

Oct 25 10:15:09 sbktesaix02 auth|security:info sshd[4784362]: Accepted password for XXXXXX from w.x.y.z port 59493 ssh2
Oct 25 10:15:09 sbktesaix02 auth|security:info scponly[3080228]: using netbsd's bundled getopt_long
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: 3 arguments in total.
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]:       arg 0 is scponly
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]:       arg 1 is -c
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]:       arg 2 is scp -t -- /tmp/cfgvg.out
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: opened log at LOG_AUTH, opts 0x00000009
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: determined USER is " XXXXXX " from environment
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: retrieved home directory of "/home/ XXXXXX " for user " XXXXXX "
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: setting uid to 500
Oct 25 10:15:09 sbktesaix02 auth|security:debug scponly[3080228]: processing request: "scp -t -- /tmp/cfgvg.out"
Oct 25 10:15:09 sbktesaix02 auth|security:err|error scponly[3080228]: denied request: scp -t -- /tmp/cfgvg.out [username: XXXXXX (500), IP/port: w.x.y.z 59493 22]
Oct 25 10:15:09 sbktesaix02 auth|security:info sshd[4718694]: Received disconnect from w.x.y.z: 11: disconnected by user
Oct 25 11:58:36 sbktesaix02 auth|security:info sshd[5111888]: Accepted password for XXXXXX from w.x.y.z port 59808 ssh2
Oct 25 11:58:36 sbktesaix02 auth|security:info scponly[4718822]: running: /bin/scp -t -- /tmp/cfgvg.out (username: XXXXXX (500), IP/port: w.x.y.z 59808 22)
Oct 25 11:58:36 sbktesaix02 auth|security:info sshd[3080236]: Received disconnect from w.x.y.z: 11: disconnected by user

More information about the scponly mailing list