[scponly] FreeBSD 5.3-RELEASE-p27 and scponly-4.4 broken?

Kyong Kim kimkyong at fhda.edu
Wed Mar 8 18:54:38 EST 2006


Also, after you enable scp, try using scpjailer 
)just google for it) if you continue to have 
problems. I had the same problem yesterday and 
using scpjailer fixed it for me. For some reason, 
I had a tough time using setup_chroot.sh even 
after I enabled scp.

Kyong

At 6:11 PM -0500 3/8/06, David Robillard wrote:
>Hi everyone,
>
>I'm trying to get scponly-4.4 to work with on a 
>FreeBSD 5.3-RELEASE-p27 machine.
>
>Unfortunately, it always fails. Here's the debug 
>info from the machine on which scponly is 
>installed:
>
>[drobilla at donald] scponly-4.4 {671}$ tail -f /var/log/scponly.log
>Mar  8 18:03:00 donald scponly[11063]: 3 arguments in total.
>Mar  8 18:03:00 donald scponly[11063]:  arg 0 is scponly
>Mar  8 18:03:00 donald scponly[11063]:  arg 1 is -c
>Mar  8 18:03:00 donald scponly[11063]:  arg 2 is scp -t /backup/test
>Mar  8 18:03:00 donald scponly[11063]: opened 
>log at LOG_AUTHPRIV, opts 0x00000029
>Mar  8 18:03:00 donald scponly[11063]: retrieved 
>home directory of "/backup" for user "backup"
>Mar  8 18:03:00 donald scponly[11063]: setting uid to 1911
>Mar  8 18:03:00 donald scponly[11063]: 
>processing request: "scp -t /backup/test"
>Mar  8 18:03:00 donald scponly[11063]: denied 
>request: scp -t /backup/test [username: 
>backup(1911), IP/port: 172.25.111.25 55510 22]
>
>And here's the command as it is run by the remote machine:
>
>[drobilla at raymond] drobilla {531}$ scp testfile 
>backup at donald.notarius.com:/backup/test
>Restricted Access.
>Password:
>scponly[11063]: 3 arguments in total.
>scponly[11063]:         arg 0 is scponly
>scponly[11063]:         arg 1 is -c
>scponly[11063]:         arg 2 is scp -t /backup/test
>scponly[11063]: opened log at LOG_AUTHPRIV, opts 0x00000029
>scponly[11063]: retrieved home directory of "/backup" for user "backup"
>scponly[11063]: setting uid to 1911
>scponly[11063]: processing request: "scp -t /backup/test"
>scponly[11063]: denied request: scp -t 
>/backup/test [username: backup(1911), IP/port: 
>172.25.111.25 55510 22]
>lost connection
>[drobilla at raymond] drobilla {532}$
>
>On the machine on which scponly is installed, the user 'backup' is:
>
>[drobilla at donald] scponly-4.4 {672}$ id backup
>uid=1911(backup) gid=1911(backup) groups=1911(backup)
>
>[drobilla at donald] scponly-4.4 {674}$ grep backup /etc/passwd
>backup:*:1911:1911:Remote Backup User:/backup:/usr/local/bin/scponly
>
>[drobilla at donald] scponly-4.4 {673}$ ls -alF /backup
>total 6
>dr-xr-xr-x   3 backup  backup  512 Mar  8 17:35 ./
>drwxr-xr-x  22 root    wheel   512 Mar  8 17:34 ../
>drwxrwxr-x   2 backup  backup  512 Mar  8 17:05 .snap/
>
>I'd like to get this working. Any ideas?
>
>Many thanks,
>
>David
>
>--
>David Robillard
>UNIX systems administrator
>david.robillard at notarius.com
>
>Notarius
>465, rue St-Jean, suite 200
>Montréal, Québec, H2Y 2R6
>
>Tel. : +1 514 966 0122
>Fax. : +1 514 281 1226
>
>http://www.notarius.com
>
>Ce message, ainsi que tout fichier qui y est 
>joint, est destiné exclusivement aux personnes à 
>qui il est adressé. Il peut contenir des 
>renseignements ou des informations de nature 
>confidentielle qui ne doivent être divulgués en 
>vertu des lois applicables. Si vous n'êtes pas 
>le destinataire de ce message ou un mandataire 
>autorisé de celui-ci, par la présente vous êtes 
>avisé que toute impression, diffusion, 
>distribution ou reproduction de ce message et de 
>tout fichier qui y est joint est strictement 
>interdite. L'intégrité de ce message n'étant pas 
>assurée sur Internet, Notarius (TSIN) Inc. ne 
>peut être tenue responsable de son contenu s'il 
>a été altéré, déformé ou falsifié. Si ce message 
>vous a été transmis par erreur, veuillez en 
>aviser sans délai l'expéditeur et l'effacer 
>ainsi que tout fichier joint sans en conserver 
>de copie.
>
>This message, and any attachments, is intended 
>only for the use of the addressee or his 
>authorized representative. It may contain 
>information that is privileged, confidential and 
>exempt from disclosure under applicable law. If 
>the reader of this message is not the intended 
>recipient, or his authorized representative, you 
>are hereby notified that any dissemination, 
>distribution or copying of this message and any 
>attachments is strictly prohibited. The 
>integrity of this message cannot be guaranteed 
>on the Internet, Notarius (TSIN) Inc. shall not 
>be liable for its content if altered, changed or 
>falsified. If you have received this message in 
>error, please contact right away with the sender 
>and delete this message and any attachments from 
>your system.
>
>_______________________________________________
>scponly mailing list
>scponly at lists.ccs.neu.edu
>https://lists.ccs.neu.edu/bin/listinfo/scponly




More information about the scponly mailing list