SFTP clients not sending sftp-server fill path
Brought to you by:
xystrus
From: MegaZone <meg...@me...> - 2004-01-19 22:13:31
|
I believe I'm running into the same issue covered in this email from last August: ---cut--- > Sep 1 22:34:56 unreal rssh[21732]: allowing sftp to user sftptest > Sep 1 22:34:56 unreal rssh[21732]: user sftptest attempted to > execute forbidden commands > Sep 1 22:34:56 unreal rssh[21732]: command: sftp-server This is because rssh is expecting the sftp client to pass it the full path to the sftp-server. What are you using on the client side? If you're using the OpenSSH sftp client, it SHOULD do that. But I guess there's no guarantee... I have run into this problem with certain clients, and I have fixed this in 2.1.2, which I haven't released yet. I believe it's ready for release, but the reason I haven't released it yet is because I added code to allow cvs, rsync, and rdist, which I have not had time to test. ---cut--- My log: Jan 19 15:39:37 techsrvc rssh[4791]: user sftptest attempted to execute forbidden commands Jan 19 15:39:37 techsrvc rssh[4791]: command: sftpserv Jan 19 15:39:39 techsrvc sshd(pam_unix)[4790]: session closed for user sftptest The server is Red Hat 8.0 with OpenSSH 3.4p1 with rssh 2.1.1 installed from RPM. The client is FreeBSD 4.8-Stable with OpenSSH 3.5p1 and sftp 0.9.7. It looks like the sftp client is just sending 'sftpserv'. The real parh on my RH8 box is - /usr/libexec/openssh/sftp-server It does seem to be working OK from SecureFX on WinXP and from another RH8.0 box. So it would appear to be the client on FreeBSD. -MZ, RHCE #806199299900541, ex-CISSP #3762 -- <URL:mailto:megazoneatmegazone.org> Gweep, Discordian, Author, Engineer, me. "A little nonsense now and then, is relished by the wisest men" 508-755-4098 <URL:http://www.megazone.org/> <URL:http://www.eyrie-productions.com/> Eris |