From owner-freebsd-questions Sun Oct 14 20:43:11 2001 Delivered-To: freebsd-questions@freebsd.org Received: from swan.mail.pas.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by hub.freebsd.org (Postfix) with ESMTP id AB38D37B405 for ; Sun, 14 Oct 2001 20:43:06 -0700 (PDT) Received: from blossom.cjclark.org (dialup-209.247.143.60.Dial1.SanJose1.Level3.net [209.247.143.60]) by swan.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id UAA14107; Sun, 14 Oct 2001 20:42:54 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.3) id f9F3gKE02124; Sun, 14 Oct 2001 20:42:20 -0700 (PDT) (envelope-from cjc) Date: Sun, 14 Oct 2001 20:42:20 -0700 From: "Crist J. Clark" To: Francisco Reyes Cc: FreeBSD Questions List Subject: Re: Automating ssh connections so only one command would run. Message-ID: <20011014204220.K309@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20011012222025.I6274@blossom.cjclark.org> <20011014225334.V18306-100000@zoraida.natserv.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011014225334.V18306-100000@zoraida.natserv.net>; from lists@natserv.com on Sun, Oct 14, 2001 at 10:58:27PM -0400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Oct 14, 2001 at 10:58:27PM -0400, Francisco Reyes wrote: > > > >it is trivial to slip commands through scp(1), > > > >$ scp 'remote:somefile;touch /tmp/scp_test' . > > > > And check for /tmp/scp_test on the remote machine. > > > I don't see how this is a security problem. Could you explain? > > > > I presume you want to limit people to scp(1) so they do not have full > > shell access; they can't execute arbitrary commands on the remote > > machine. With scp(1), you can do, > > > > $ cat > command.sh < > > exec > command.out 2>&1 > > > > > > EOF > > $ scp command.sh remote: > > $ scp 'remote:nonexistent; /bin/sh command.sh' . > > $ scp remote:command.out . > > $ more command.out > > I just did what you wrote above. All a person would be able to do is to > copy the command.sh file/command to the other machine. If I could limit > their ability to only run scp and not ssh there would be no harm (in my > setup) just by been able to copy arbitrary files. Of course I still need > to have a quota so they don't override the space on the other machine, but > that is not all too much trouble. But scp(1) IS ssh(1). scp(1) is just a wrapper around ssh(1) to copy files. When you run scp(1) on the local machine, it calls the ssh(1) executable on the local machine, connects to the sshd daemon on the otherside which then runs a shell with scp(1) as the program the shell is to run. > > > Automating scp may not be the most secure way to copy data, but is there a > > > better way? > > scp = ssh = shell access. But I may have misunderstood what you are > > trying to achieve. > > I am just trying to copy 2 files every day from one machine to another. Oh. That's all? No isssues with untrusted users. I did misunderstand. For example, we want to copy 'file1' and 'file2' from 'src-machine' to the directory '/dir/path' on 'dst-machine.' On the remote machine, put, from="source-machine",no-pty,command="cd /dir/path; tar xf -" In front of the 'authorized_key' entry. On the src-machine, just run, $ tar cf - file1 file2 | ssh dst-machine To move the files. You may wish to use a dedicated key for this operation. Use the '-i' option to specify the key at the source end. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message