[scponly] FreeBSD 5.3-RELEASE-p27 and scponly-4.4 broken?

Hideyuki KURASHINA rushani at bl.mmtr.or.jp
Wed Mar 8 18:23:46 EST 2006 

Hi,

>>> On Wed, 8 Mar 2006 18:11:10 -0500, "David Robillard" <david.robillard at notarius.com> said:

> Hi everyone,
> 
> I'm trying to get scponly-4.4 to work with on a FreeBSD 5.3-RELEASE-p27 machine.
> 
> Unfortunately, it always fails. Here's the debug info from the machine on which scponly is installed:
> 
> [drobilla at donald] scponly-4.4 {671}$ tail -f /var/log/scponly.log
> Mar  8 18:03:00 donald scponly[11063]: 3 arguments in total.
> Mar  8 18:03:00 donald scponly[11063]:  arg 0 is scponly
> Mar  8 18:03:00 donald scponly[11063]:  arg 1 is -c
> Mar  8 18:03:00 donald scponly[11063]:  arg 2 is scp -t /backup/test
> Mar  8 18:03:00 donald scponly[11063]: opened log at LOG_AUTHPRIV, opts 0x00000029
> Mar  8 18:03:00 donald scponly[11063]: retrieved home directory of "/backup" for user "backup"
> Mar  8 18:03:00 donald scponly[11063]: setting uid to 1911
> Mar  8 18:03:00 donald scponly[11063]: processing request: "scp -t /backup/test"
> Mar  8 18:03:00 donald scponly[11063]: denied request: scp -t /backup/test [username: backup(1911), IP/port: 172.25.111.25 55510 22]
                                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

> And here's the command as it is run by the remote machine:
> 
> [drobilla at raymond] drobilla {531}$ scp testfile backup at donald.notarius.com:/backup/test
> Restricted Access.
> Password:
> scponly[11063]: 3 arguments in total.
> scponly[11063]:         arg 0 is scponly
> scponly[11063]:         arg 1 is -c
> scponly[11063]:         arg 2 is scp -t /backup/test
> scponly[11063]: opened log at LOG_AUTHPRIV, opts 0x00000029
> scponly[11063]: retrieved home directory of "/backup" for user "backup"
> scponly[11063]: setting uid to 1911
> scponly[11063]: processing request: "scp -t /backup/test"
> scponly[11063]: denied request: scp -t /backup/test [username: backup(1911), IP/port: 172.25.111.25 55510 22]
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> lost connection
> [drobilla at raymond] drobilla {532}$ 

> I'd like to get this working. Any ideas?

>From scponly 4.2, it does not support rsync or scp by default (i.e.,
only sftp is enabled).  Have you enabled it?

Regards,

-- rushani

More information about the scponly mailing list