Member "scponly-20110526/README" (22 Dec 2005, 4047 Bytes) of package /linux/privat/old/scponly-20110526.tgz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.


3debe8e4f1c654a658b48dfdc5c2cf9d
http://sublimation.org/scponly

"scponly" is an alternative 'shell' (of sorts) for system
administrators who would like to provide access to remote users to
both read and write local files without providing any remote
execution privileges.  Functionally, it is best described as a
wrapper to the mostly trusted suite of ssh applications.

A typical usage of scponly is in creating a semi-public account not
unlike the concept of anonymous login for ftp.  This allows an
administrator to share files in the same way an anon ftp setup
would, only employing all the protection that ssh provides.  This is
especially significant if you consider that ftp authentications
traverse public networks in a plaintext format.

Instead of just a single anon user, scponly supports configuring
potentially many users, each of which could be set up to provide
access to distinct directory trees.  Aside from the installation details
(see INSTALL), each of these users would have their default shell in
/etc/passwd set to "/usr/local/sbin/scponly" (or wherever you choose
to install it).  This would mean users with this shell can neither
login interactively nor execute commands remotely.  They can, however,
scp files in and out, governed by the usual unix file permissions.

Some Features:
==============

- logging:  scponly logs time, client IP address, username, and the
actual request to syslog.

- chroot: scponly can chroot to the user's home directory (or any
other directory the user has permissions for), disallowing access
to the rest of the filesystem.

- sftp compatibility.  My testing of sftp against an scponly user
worked great.  This is probably the cleanest and most usable way
for an scponly user to access files.

- sftp logging: if the ./configure directive
"--enable-sftp-logging-compat" is used, scponly will support sftp
logging.

- WinSCP 2.0/3.0 compatibility.

- gftp compatibility.

- rsync compatibility.

- security checks: root login is disallowed (though root
should never be configured to be using scponly as the default shell).
scponly also checks the ownership of directories before chroot-ing
into them.
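The last feature above, checking a directory before chroot-ing into it, is the kind of check a practitioner should be able to recognize in code. The following is an added example written for this page, not scponly's own source, and the exact policy it enforces is an assumption: the target must exist, be a real directory (not a symlink), be owned by the expected uid, and not be writable by group or others, so the confined user cannot plant files inside the jail root.

```c
/* Added example (not scponly's own code): ownership and permission check a
 * chroot wrapper should run on a directory before calling chroot(2).
 * Policy (assumed for illustration): exists, is a directory, owned by the
 * expected uid, not group/world writable. */
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Return 1 if 'path' satisfies the policy for 'expected_owner', else 0.
 * lstat() is used so that a symlink standing in for the directory is refused
 * rather than followed. */
int chroot_dir_safe(const char *path, uid_t expected_owner)
{
    struct stat st;
    if (lstat(path, &st) != 0)
        return 0;                         /* missing or unreadable */
    if (!S_ISDIR(st.st_mode))
        return 0;                         /* symlink or regular file */
    if (st.st_uid != expected_owner)
        return 0;                         /* wrong owner */
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return 0;                         /* group/world writable */
    return 1;
}

/* Confine the process: check first, then chroot and chdir into the new root.
 * Returns 0 on success, -1 on failure (errno set by the failing call).
 * Needs root privilege to actually succeed. */
int enter_chroot(const char *path, uid_t expected_owner)
{
    if (!chroot_dir_safe(path, expected_owner)) {
        errno = EPERM;
        return -1;
    }
    if (chroot(path) != 0)
        return -1;
    if (chdir("/") != 0)                  /* never stay outside the new root */
        return -1;
    return 0;
}

int main(void)
{
    /* Probe a few well-known paths and report whether each would be accepted
     * as a root-owned jail directory under the assumed policy. */
    const char *paths[] = { "/", "/tmp", "/etc/passwd", "/does/not/exist", NULL };
    for (int i = 0; paths[i]; i++)
        printf("%-18s %s\n", paths[i],
               chroot_dir_safe(paths[i], 0) ? "acceptable" : "refused");
    return 0;
}
```

Note that `/tmp` is refused on a normal system because it is world-writable, even though root owns it: a jail root the confined user can write to lets them supply their own files to anything resolved relative to the new root. The check and the `chroot()` call are still two separate steps, so the directory should also be one the confined user cannot rename or replace between them.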

How it works:
=============
If you were to examine the arguments passed to a shell by sshd upon
opening a remote connection, the structure of the argument vector
invariably looks like this:

<shell name> -c <remote command>

scponly validates remote requests by examining the third argument.
scponly also verifies the request by disallowing what a normal
shell would interpret as "special characters".  This prevents
someone from piggybacking additional commands onto a valid scp
request.  It may seem that using scponly would prevent using scp to
copy files that really do contain special characters.  However,
copying files with special characters in their names can be
accomplished by using wildcards (which are allowable characters) to
match the filenames.
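To make the argument-vector description concrete, here is an added example (written for this page, not scponly's own code) of a validator that sees exactly what a login shell sees: `argv[0]` is the shell, `argv[1]` is `-c`, and `argv[2]` is the whole remote command. It rejects shell metacharacters while leaving wildcards alone, and only accepts a small fixed set of program names. Both the metacharacter set and the allow-list are assumptions for illustration.

```c
/* Added example (not scponly's own code): validate the remote command that
 * sshd hands to the login shell as   <shell> -c "<remote command>".
 * The metacharacter set and the allow-list below are assumptions. */
#include <stdio.h>
#include <string.h>

/* Characters that let a shell chain, redirect, quote or substitute commands.
 * Wildcards (*, ?, [ ]) are deliberately absent so globbed names still work. */
static const char *BAD_CHARS = ";|&`$<>(){}\n\r\\'\"";

/* Program names an scponly-style account may run (assumed set). The wrapper
 * is expected to exec each from a fixed, trusted path, not from the request. */
static const char *ALLOWED_CMDS[] = { "scp", "sftp-server", "rsync", NULL };

/* Return 1 if the remote command contains no shell metacharacters. */
int has_no_metachars(const char *cmd)
{
    return strpbrk(cmd, BAD_CHARS) == NULL;
}

/* Return 1 if the first word of the request is exactly an allowed program. */
int command_allowed(const char *cmd)
{
    char word[256];
    size_t n = strcspn(cmd, " \t");
    if (n == 0 || n >= sizeof word)
        return 0;                     /* empty request or absurdly long word */
    memcpy(word, cmd, n);
    word[n] = '\0';
    for (int i = 0; ALLOWED_CMDS[i]; i++)
        if (strcmp(word, ALLOWED_CMDS[i]) == 0)
            return 1;
    return 0;
}

/* Full validation of one remote command: both checks must pass. */
int validate_request(const char *cmd)
{
    return has_no_metachars(cmd) && command_allowed(cmd);
}

/* Validate the argument vector as the shell receives it. Anything other than
 * the exact "<shell> -c <command>" shape (for example an interactive login,
 * which arrives with no -c) is refused. */
int validate_argv(int argc, char **argv)
{
    if (argc != 3 || strcmp(argv[1], "-c") != 0)
        return 0;
    return validate_request(argv[2]);
}

int main(void)
{
    /* Constructed sample requests for demonstration. */
    const char *samples[] = {
        "scp -f /home/u/report.txt",
        "scp -f /home/u/file*.txt",              /* wildcard: allowed */
        "scp -f /home/u/a.txt; cat /etc/passwd", /* chained command: refused */
        "/usr/local/bin/scp -t /home/u/",        /* path instead of name: refused */
        "bash -i",                               /* not on the allow-list */
        NULL
    };
    for (int i = 0; samples[i]; i++)
        printf("%-42s -> %s\n", samples[i],
               validate_request(samples[i]) ? "accept" : "reject");
    return 0;
}
```

The second sample shows the point made above: a request such as `scp -f /home/u/file*.txt` passes the metacharacter check, so a name that itself contains a forbidden character can still be fetched by matching it with a wildcard. The `validate_argv` wrapper also shows why an interactive login fails for such an account: sshd does not pass `-c` in that case, and there is nothing to validate.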

scponly doesn't do anything to manage read/write permissions.  The
ssh applications already do that just fine.  If you use scponly, be
aware that good old unix file permissions are still doing the work
of protecting your files.


MAY 2002 ADDENDUM:
	I've since discovered that ssh.com's commercial ssh offering
supports BOTH "dummy users" as well as scponly-ish functionality.  I
have not been able to find any notes on these features, but I did read
that they exist.  I will make a point to include more information later.
It appears that OpenSSH does not yet support these features.  At this time,
I have no plans to end-of-life scponly, though ultimately, I recognize
that scponly should eventually become just a feature of whichever sshd
you may run.

NOV 2003 ADDENDUM:
	OpenSSH still doesn't support configurable chrooting for users OR
disallowing interactive login.

NOV 2004 ADDENDUM:
	OpenSSH still doesn't support configurable chrooting for users OR
disallowing interactive login.

DEC 2005 ADDENDUM:
	OpenSSH still doesn't support configurable chrooting for users OR
disallowing interactive login.
