From owner-freebsd-questions@FreeBSD.ORG  Mon May  8 15:25:21 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CA3F016A402
	for <freebsd-questions@freebsd.org>;
	Mon,  8 May 2006 15:25:21 +0000 (UTC)
	(envelope-from atom.powers@gmail.com)
Received: from nz-out-0102.google.com (nz-out-0102.google.com [64.233.162.206])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4488043D48
	for <freebsd-questions@freebsd.org>;
	Mon,  8 May 2006 15:25:21 +0000 (GMT)
	(envelope-from atom.powers@gmail.com)
Received: by nz-out-0102.google.com with SMTP id l1so1219293nzf
	for <freebsd-questions@freebsd.org>;
	Mon, 08 May 2006 08:25:20 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=mFaDspW1k5x3gm4BwClvIMiWx4zV+pNLnUbmIgye0MfBvYaeS6oBJWaxlviCZqERiEp2BvPbsiJqCZmpzsmGub5vWtvRGbw19daHpZfxsZp2fcw9uluM5lZ1LZJEvRlmpGg3K4viXWa4N4y7KJHTMhZWOg1tIOk0SAigfbTU/yg=
Received: by 10.65.156.14 with SMTP id i14mr1096675qbo;
	Mon, 08 May 2006 08:25:20 -0700 (PDT)
Received: by 10.65.150.9 with HTTP; Mon, 8 May 2006 08:25:20 -0700 (PDT)
Message-ID: <df9ac37c0605080825s2fbdc376g16dfd671292b177a@mail.gmail.com>
Date: Mon, 8 May 2006 08:25:20 -0700
From: "Atom Powers" <atom.powers@gmail.com>
To: "Robert Fitzpatrick" <lists@webtent.net>
In-Reply-To: <1147020785.24620.31.camel@columbus.webtent.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <1147019550.24620.23.camel@columbus.webtent.org>
	<1147020785.24620.31.camel@columbus.webtent.org>
Cc: FreeBSD <freebsd-questions@freebsd.org>
Subject: Re: ibsh
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 08 May 2006 15:25:21 -0000

Have you looked at the "scponly" shell?

On 5/7/06, Robert Fitzpatrick <lists@webtent.net> wrote:
> On Sun, 2006-05-07 at 12:32 -0400, Robert Fitzpatrick wrote:
> > Anyone using ibsh shell for locking users in to their home directory? I
> > just found out about this googling and installed the port on my FreeBSD
> > 6.0 box, but can't seem to get it working....
> >
> Sorry for posting to quickly, I found that merely editing
> the /etc/passwd file to change the shell did not get it done. I have
> ibsh shell working now, but something peculiar happening. I can login
> from my Linux box using ssh and all is as expected, but if I use the
> WinSCP program, commonly used by our staff, it does not believe there is
> an SFTP server running. Of course, logging in using WinSCP with a user
> of a different shell works perfectly. Here is ibsh commands I am
> allowing and the log from WinSCP...
>
> files# cat globals.cmds
> # Add any commands the user may execute. Even shell commands.
> # You have to allow logout and/or exit, so the user can logout!
> # cd and pwd should also be allowed. Note: other shell builtin
> # commands are not yet implemented!
> cd
> ls
> pwd
> logout
> exit
>
> . 2006-05-07 12:48:40.600 -----------------------------------------------=
---------------------------
> . 2006-05-07 12:48:40.600 WinSCP Version 3.7.6 (Build 306) (OS 5.2.3790 S=
ervice Pack 1)
> . 2006-05-07 12:48:40.600 Login time: Sunday, May 07, 2006 12:48:40 PM
> . 2006-05-07 12:48:40.600 -----------------------------------------------=
---------------------------
> . 2006-05-07 12:48:40.600 Session name: webtent@192.168.1.7
> . 2006-05-07 12:48:40.600 Host name: 192.168.1.7 (Port: 22)
> . 2006-05-07 12:48:40.600 User name: webtent (Password: Yes, Key file: No=
)
> . 2006-05-07 12:48:40.610 Transfer Protocol: SFTP (SCP)
> . 2006-05-07 12:48:40.610 SSH protocol version: 2; Compression: No
> . 2006-05-07 12:48:40.610 Agent forwarding: No; TIS/CryptoCard: No; KI: Y=
es; GSSAPI: No
> . 2006-05-07 12:48:40.610 Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: N=
o
> . 2006-05-07 12:48:40.610 Ping type: -, Ping interval: 30 sec; Timeout: 1=
5 sec
> . 2006-05-07 12:48:40.610 SSH Bugs: -,-,-,-,-,-,-,-
> . 2006-05-07 12:48:40.610 SFTP Bugs: -,-,-
> . 2006-05-07 12:48:40.610 Proxy: none
> . 2006-05-07 12:48:40.610 Return code variable: Autodetect; Lookup user g=
roups: Yes
> . 2006-05-07 12:48:40.621 Shell: default, EOL: 0
> . 2006-05-07 12:48:40.621 Local directory: default, Remote directory: hom=
e, Update: No, Cache: Yes
> . 2006-05-07 12:48:40.621 Cache directory changes: Yes, Permanent: Yes
> . 2006-05-07 12:48:40.621 Clear aliases: Yes, Unset nat.vars: Yes, Resolv=
e symlinks: Yes
> . 2006-05-07 12:48:40.621 Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No
> . 2006-05-07 12:48:40.621 -----------------------------------------------=
---------------------------
> . 2006-05-07 12:48:40.771 Looking up host "192.168.1.7"
> . 2006-05-07 12:48:40.781 Connecting to 192.168.1.7 port 22
> . 2006-05-07 12:48:40.831 Server version: SSH-2.0-OpenSSH_4.2p1 FreeBSD-2=
0050903
> . 2006-05-07 12:48:40.851 We claim version: SSH-2.0-WinSCP_release_3.7.6
> . 2006-05-07 12:48:40.861 Using SSH protocol version 2
> . 2006-05-07 12:48:40.881 Doing Diffie-Hellman group exchange
> . 2006-05-07 12:48:41.001 Doing Diffie-Hellman key exchange
> . 2006-05-07 12:48:42.273 Host key fingerprint is:
> . 2006-05-07 12:48:42.293 ssh-dss 2048 0a:59:6c:0f:b9:18:2b:68:1b:e0:5d:3=
b:d6:5a:e0:65
> . 2006-05-07 12:48:42.313 Initialised AES-256 client->server encryption
> . 2006-05-07 12:48:42.333 Initialised HMAC-SHA1 client->server MAC algori=
thm
> . 2006-05-07 12:48:42.353 Initialised AES-256 server->client encryption
> . 2006-05-07 12:48:42.373 Initialised HMAC-SHA1 server->client MAC algori=
thm
> ! 2006-05-07 12:48:42.413 Using username "webtent".
> ! 2006-05-07 12:48:42.523 Using keyboard-interactive authentication.
> . 2006-05-07 12:48:42.543 Password: prompt from server
> . 2006-05-07 12:48:42.563 Responding with stored password.
> . 2006-05-07 12:48:42.603 Access granted
> . 2006-05-07 12:48:42.623 Opened channel for session
> . 2006-05-07 12:48:42.653 Started a shell/command
> . 2006-05-07 12:48:42.673 -----------------------------------------------=
---------------------------
> . 2006-05-07 12:48:42.693 Using SFTP protocol.
> . 2006-05-07 12:48:42.724 Doing startup conversation with host.
> > 2006-05-07 12:48:42.744 Type: SSH_FXP_INIT, Size: 5, Number: -1
> . 2006-05-07 12:48:42.774 Server sent command exit status 0
> . 2006-05-07 12:48:42.794 All channels closed. Disconnecting
> . 2006-05-07 12:48:42.824 Server closed network connection
> * 2006-05-07 12:48:42.854 (ESshFatal) Cannot initialize SFTP protocol. Is=
 the host running a SFTP server?
> * 2006-05-07 12:48:42.854 Connection has been unexpectedly closed. Server=
 sent command exit status 0.
>
> --
> Robert
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o=
rg"
>


--
--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--