[scponly] Problem with OpenBSD 3.9 and scponly 4.6, too
Volker Kindermann
ml at ps102.de
Sun Jun 4 09:34:51 EDT 2006
Hi,
I also have a problem with scponly 4.6 and OpenBSD 3.9.
I ran:
./configure --enable-winscp-compat --enable-scp-compat \
--enable-chrooted-binary --enable-passwd-compat
make
make install
make jail (and followed the defaults)
I added /usr/local/sbin/scponlyc to /etc/shells. I added
a /home/scponly/usr/lib directory and copied /usr/lib/libcrypto.so.12.0
and /usr/lib/libc.so.39.0 to this directory.
But if I try to connect, the connection is closed immediately:
# sftp scponly at localhost
Connecting to localhost...
scponly at localhost's password:
Connection closed
#
This is in /var/log/secure:
Jun 4 15:24:37 ramielneu scponly[31470]: chrooted binary in place,
will chroot()
Jun 4 15:24:38 ramielneu scponly[31470]: 3 arguments in total.
Jun 4 15:24:38 ramielneu scponly[31470]: arg 0 is scponlyc
Jun 4 15:24:38 ramielneu scponly[31470]: arg 1 is -c
Jun 4 15:24:38 ramielneu scponly[31470]: arg 2
is /usr/libexec/sftp-server
Jun 4 15:24:38 ramielneu scponly[31470]: opened log at LOG_AUTHPRIV,
opts 0x00000009
Jun 4 15:24:38 ramielneu scponly[31470]: retrieved home directory of
"/home/scponly" for user "scponly"
Jun 4 15:24:38 ramielneu scponly[31470]: chrooting to dir:
"/home/scponly"
Jun 4 15:24:38 ramielneu scponly[31470]: chdiring to dir: "/"
Jun 4 15:24:38 ramielneu scponly[31470]: setting uid to 1002
Jun 4 15:24:38 ramielneu scponly[31470]: processing request:
"/usr/libexec/sftp-server"
Jun 4 15:24:38 ramielneu scponly[31470]:
running: /usr/libexec/sftp-server (username: scponly(1002), IP/port:
127.0.0.1 1888 2 22)
This is in /var/log/authlog:
Jun 4 15:24:37 ramielneu sshd[12401]: Accepted password for scponly
from 127.0.0.1 port 18882 ssh2
Jun 4 15:24:37 ramielneu sshd[5140]: Accepted password for scponly
from 127.0.0.1 port 18882 ssh2
Jun 4 15:24:37 ramielneu sshd[26281]: subsystem request for sftp
Same if I try it with WinSCP 3.8.1 from a WinXP Box.
If you need any further information, please ask.
Thanks in advance
Volker
More information about the scponly
mailing list