Date: Thu, 21 Aug 2003 12:55:22 -0400 From: "Eric W. Bates" <ericx@vineyard.net> To: "Eric W. Bates" <ericx@vineyard.net>, "Andrew Thompson" <andy@fud.org.nz>, "Ralph Forsythe" <rf-list@centerone.com> Cc: freebsd-isp@freebsd.org Subject: Re: Creating account with SCP ONLY Message-ID: <01a201c36805$068c5090$68c311cc@fortiva> References: <5.1.0.14.2.20030820232337.02751eb8@mail.centerone.com><03Aug21.172942nzst.336041@homer.fire.org.nz> <010a01c367f3$08a0dde0$68c311cc@fortiva>
next in thread | previous in thread | raw e-mail | index | archive | help
Fixed. The port doesn't work unless you set at least one of the Makefile options. ----- Original Message ----- From: "Eric W. Bates" <ericx@vineyard.net> To: "Andrew Thompson" <andy@fud.org.nz>; "Ralph Forsythe" <rf-list@centerone.com> Cc: <freebsd-isp@freebsd.org> Sent: Thursday, August 21, 2003 10:46 AM Subject: Re: Creating account with SCP ONLY > > ----- Original Message ----- > From: "Andrew Thompson" <andy@fud.org.nz> > To: "Ralph Forsythe" <rf-list@centerone.com> > Cc: <freebsd-isp@freebsd.org> > Sent: Thursday, August 21, 2003 1:30 AM > Subject: Re: Creating account with SCP ONLY > > > > On Thu, 2003-08-21 at 17:25, Ralph Forsythe wrote: > > > Since we're talking about limiting ssh access right now... I need to > > > create user accounts that cannot use the shell, but can still move files > > > around via scp/sftp. We have FTP disabled, and as we start to bring users > > > online I do not want them having shell capabilities for security reasons. > > > > > > > /usr/ports/shells/scponly > > I was interested to learn of this port and we tried it this morning.; but we can't make it work. > > Setting debug level 2 in /usr/local/etc/scponly/debuglevel we get denied: > > ** ericx@king1 ** ~ ** Thu Aug 21 10:40:55 > $ scp bdrtest@k2:/usr/local/customers/customers.king2/bdrtest/personal/foo.txt . > bdrtest@king2.vineyard.net's password: > [48256]: 3 arguments in total. > [48256]: arg 0 is scponly > [48256]: arg 1 is -c > [48256]: arg 2 is scp -f /usr/local/customers/customers.king2/bdrtest/personal/foo.txt > [48256]: opened log at LOG_AUTHPRIV, opts 0x00000029 > [48256]: retrieved home directory of "/usr/local/customers/customers.king2/./bdrtest" for user "bdrtest" > [48256]: setting uid to 3575 > [48256]: processing request: "scp -f /usr/local/customers/customers.king2/bdrtest/personal/foo.txt" > > [48256]: denied request: scp -f /usr/local/customers/customers.king2/bdrtest/personal/foo.txt [username: bdrtest(3575), IP/port: 204.17.195.90 1483 22] > > Apparantly this question has been asked on the scponly mailing list; but never answered. > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > -------------------------------------------------------------------------------- > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01a201c36805$068c5090$68c311cc>