[scponly] FreeBSD 5.3-RELEASE-p27 and scponly-4.4 broken?

Paul.Hyder at noaa.gov Paul.Hyder at noaa.gov
Wed Mar 8 18:33:42 EST 2006


The recent scponly releases do not permit scp by default.
It appears you need to reconfigure with the flag enabling
scp.
    Paul Hyder
    NOAA Earth System Research Laboratory, Global Systems Division
    Boulder, CO

----- Original Message -----
From: David Robillard <david.robillard at notarius.com>
Date: Wednesday, March 8, 2006 4:11 pm
Subject: [scponly] FreeBSD 5.3-RELEASE-p27 and scponly-4.4 broken?

> Hi everyone,
> 
> I'm trying to get scponly-4.4 to work with on a FreeBSD 5.3-RELEASE-
> p27 machine.
> 
> Unfortunately, it always fails. Here's the debug info from the 
> machine on which scponly is installed:
> 
> [drobilla at donald] scponly-4.4 {671}$ tail -f /var/log/scponly.log
> Mar  8 18:03:00 donald scponly[11063]: 3 arguments in total.
> Mar  8 18:03:00 donald scponly[11063]:  arg 0 is scponly
> Mar  8 18:03:00 donald scponly[11063]:  arg 1 is -c
> Mar  8 18:03:00 donald scponly[11063]:  arg 2 is scp -t /backup/test
> Mar  8 18:03:00 donald scponly[11063]: opened log at LOG_AUTHPRIV, 
> opts 0x00000029
> Mar  8 18:03:00 donald scponly[11063]: retrieved home directory of 
> "/backup" for user "backup"
> Mar  8 18:03:00 donald scponly[11063]: setting uid to 1911
> Mar  8 18:03:00 donald scponly[11063]: processing request: "scp -t 
> /backup/test"Mar  8 18:03:00 donald scponly[11063]: denied request: 
> scp -t /backup/test [username: backup(1911), IP/port: 172.25.111.25 
> 55510 22]
> 
> And here's the command as it is run by the remote machine:
> 
> [drobilla at raymond] drobilla {531}$ scp testfile 
> backup at donald.notarius.com:/backup/testRestricted Access.
> Password:
> scponly[11063]: 3 arguments in total.
> scponly[11063]:         arg 0 is scponly
> scponly[11063]:         arg 1 is -c
> scponly[11063]:         arg 2 is scp -t /backup/test
> scponly[11063]: opened log at LOG_AUTHPRIV, opts 0x00000029
> scponly[11063]: retrieved home directory of "/backup" for user 
> "backup"scponly[11063]: setting uid to 1911
> scponly[11063]: processing request: "scp -t /backup/test"
> scponly[11063]: denied request: scp -t /backup/test [username: 
> backup(1911), IP/port: 172.25.111.25 55510 22]
> lost connection
> [drobilla at raymond] drobilla {532}$ 
> 
> On the machine on which scponly is installed, the user 'backup' is:
> 
> [drobilla at donald] scponly-4.4 {672}$ id backup
> uid=1911(backup) gid=1911(backup) groups=1911(backup)
> 
> [drobilla at donald] scponly-4.4 {674}$ grep backup /etc/passwd 
> backup:*:1911:1911:Remote Backup User:/backup:/usr/local/bin/scponly
> 
> [drobilla at donald] scponly-4.4 {673}$ ls -alF /backup
> total 6
> dr-xr-xr-x   3 backup  backup  512 Mar  8 17:35 ./
> drwxr-xr-x  22 root    wheel   512 Mar  8 17:34 ../
> drwxrwxr-x   2 backup  backup  512 Mar  8 17:05 .snap/
> 
> I'd like to get this working. Any ideas?
> 
> Many thanks,
> 
> David
> 
> --
> David Robillard
> UNIX systems administrator
> david.robillard at notarius.com
> 
> Notarius
> 465, rue St-Jean, suite 200
> Montréal, Québec, H2Y 2R6
> 
> Tel. : +1 514 966 0122
> Fax. : +1 514 281 1226
> 
> http://www.notarius.com
> 
> Ce message, ainsi que tout fichier qui y est joint, est destiné 
> exclusivement aux personnes à qui il est adressé. Il peut contenir 
> des renseignements ou des informations de nature confidentielle qui 
> ne doivent être divulgués en vertu des lois applicables. Si vous 
> n'êtes pas le destinataire de ce message ou un mandataire autorisé 
> de celui-ci, par la présente vous êtes avisé que toute impression, 
> diffusion, distribution ou reproduction de ce message et de tout 
> fichier qui y est joint est strictement interdite. L'intégrité de 
> ce message n'étant pas assurée sur Internet, Notarius (TSIN) Inc. 
> ne peut être tenue responsable de son contenu s'il a été altéré, 
> déformé ou falsifié. Si ce message vous a été transmis par erreur, 
> veuillez en aviser sans délai l'expéditeur et l'effacer ainsi que 
> tout fichier joint sans en conserver de copie.
> 
> This message, and any attachments, is intended only for the use of 
> the addressee or his authorized representative. It may contain 
> information that is privileged, confidential and exempt from 
> disclosure under applicable law. If the reader of this message is 
> not the intended recipient, or his authorized representative, you 
> are hereby notified that any dissemination, distribution or copying 
> of this message and any attachments is strictly prohibited. The 
> integrity of this message cannot be guaranteed on the Internet, 
> Notarius (TSIN) Inc. shall not be liable for its content if 
> altered, changed or falsified. If you have received this message in 
> error, please contact right away with the sender and delete this 
> message and any attachments from your system. 
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
> 



More information about the scponly mailing list