[scponly] chroot + scp + unknown user
ScottO
skippylou at gmail.com
Mon Nov 5 08:59:31 EST 2007
So with Kaleb pointing out that scponly is in fact not a regular shell,
I stopped testing with ssh and made the changes to get sftp working
(/dev/null, libraries, etc.). However, scp doesn't seem to work in the
chroot'ed setup, which seems to be the opposite of most posts on here -
in that most people get scp working and not sftp first.
I'm getting the unknown user output as below, which is strange, as the
output also shows that it can match up the uid/username. LDAP is used
to set the appropriate homedir and scponlyc shell, with authorized_keys
doing the auth - which all seem to be working. I've set up passwd and
group in the chroot'ed etc dir, and made sure all necessary libraries
are there for scp (which I also copied under the usr/bin part of the
chroot'ed environment). The debug output is below (-vv didn't give much
more interesting insight). Anyone have thoughts on this?
[testuser at desktop ~]$ scp test.txt testuser at chrooted_machine:/home/testuser/test.txt
scponly[8171]: chrooted binary in place, will chroot()
scponly[8171]: 3 arguments in total.
scponly[8171]: arg 0 is scponlyc
scponly[8171]: arg 1 is -c
scponly[8171]: arg 2 is scp -t /home/testuser/test.txt
scponly[8171]: opened log at LOG_AUTHPRIV, opts 0x00000029
scponly[8171]: retrieved home directory of "/home/scponly//home/testuser" for user "testuser"
scponly[8171]: chrooting to dir: "/home/scponly"
scponly[8171]: chdiring to dir: "/home/testuser"
scponly[8171]: setting uid to 1002
scponly[8171]: processing request: "scp -t /home/testuser/test.txt"
scponly[8171]: Found "USER" and setting it to "testuser"
scponly[8171]: Environment contains "USER=testuser"
scponly[8171]: running: /usr/bin/scp -t /home/testuser/test.txt (username: testuser(1002), IP/port: ::ffff:192.168.1.25 44198 22)
unknown user 1002
lost connection
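
Added example, not part of the original post: scp prints "unknown user <uid>" when getpwuid() fails for its own uid, and inside a chroot that lookup depends on the chroot's own etc/passwd and on glibc's NSS backend library, which is loaded at run time and so is not listed by ldd. The script below checks a chroot tree for those pieces; the function name check_chroot_passwd is hypothetical and a glibc system is assumed.

```shell
#!/bin/sh
# Added example: static checks on a chroot tree for the lookup scp performs.
# check_chroot_passwd ROOT UID  (hypothetical helper name)
# Prints one line per check; returns 0 only if every check passes.
check_chroot_passwd() {
    root=$1 uid=$2 rc=0
    pw="$root/etc/passwd"

    # 1. passwd inside the chroot needs an entry whose third field is the uid
    if [ -f "$pw" ] &&
       awk -F: -v u="$uid" '$3 == u { found = 1 } END { exit !found }' "$pw"
    then
        echo "ok:   uid $uid listed in $pw"
    else
        echo "FAIL: no entry for uid $uid in $pw"; rc=1
    fi

    # 2. the file is read after privileges are dropped, so check the
    #    world-read bit (a conservative test: mode-based, not owner-based)
    if [ -n "$(find "$pw" -perm -004 2>/dev/null)" ]; then
        echo "ok:   $pw is world-readable"
    else
        echo "FAIL: $pw is not world-readable"; rc=1
    fi

    # 3. glibc dlopen()s the "files" NSS backend at run time; running ldd
    #    on scp does not reveal it, so look for it anywhere under the tree
    if [ -n "$(find "$root" -name 'libnss_files.so*' 2>/dev/null | head -n 1)" ]
    then
        echo "ok:   libnss_files found under $root"
    else
        echo "FAIL: libnss_files.so* missing under $root"; rc=1
    fi
    return $rc
}

# Stand-alone use: sh check.sh /home/scponly 1002
if [ $# -eq 2 ]; then
    check_chroot_passwd "$1" "$2"
fi
```

The checks are static: they confirm the files are present in the tree, not that the library matches the libc copied into the chroot.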