Hi,
Hopefully, not too off-topic but I'm having trouble setting up a user account on a FreeBSD server (an OS I'm not greatly comfortably with yet), to use the scponly [http://www.sublimation.org/scponly/wiki/] shell.
I basically want to allow the account SFTP access, but not have an interactive login shell - so scponly looks like what I'm after.
I've set the user's login shell to be /usr/ports/shells/scponly and also added the shell to /etc/shells.
When I try to SFTP into the server with the user, though, I'm getting the "Received message too long 1416128883" error. Googling hasn't really helped much.
Anyone got any suggestions?
TIA,
Peter.
The SCPonly wiki is a bit out of date...
Have you tried SCP instead of SFTP?
The SCPonly mailing list is pretty good, so you may want to ask there.
Have you enabled logging? If so what messages do you get?
I take it you're not trying to use a chrooted jail? (Scponlyc)
Matt
-----Original Message----- From: main-bounces@lists.alug.org.uk [mailto:main-bounces@lists.alug.org.uk] On Behalf Of samwise Sent: 05 July 2009 16:27 To: ALUG Subject: [ALUG] using scponly shell
Hi,
Hopefully, not too off-topic but I'm having trouble setting up a user account on a FreeBSD server (an OS I'm not greatly comfortably with yet), to use the scponly [http://www.sublimation.org/scponly/wiki/] shell.
I basically want to allow the account SFTP access, but not have an interactive login shell - so scponly looks like what I'm after.
I've set the user's login shell to be /usr/ports/shells/scponly and also added the shell to /etc/shells.
When I try to SFTP into the server with the user, though, I'm getting the "Received message too long 1416128883" error. Googling hasn't really helped much.
Anyone got any suggestions?
TIA,
Peter.
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
2009/7/5 Mephi matthew.j.green@ntlworld.com:
The SCPonly wiki is a bit out of date...
Have you tried SCP instead of SFTP?
Yep. I get:
"This account is currently not available."
Which is also what I get when I try SSHing in (and is intended in that case).
The SCPonly mailing list is pretty good, so you may want to ask there.
Have you enabled logging? If so what messages do you get?
That's where I'm struggling .. not being very familiar with BSD, I'm struggling to work out where the logging would go and whether it's enabled.
I take it you're not trying to use a chrooted jail? (Scponlyc)
Matt
No, although that does look useful ... I wouldn't mind trying that out, but thought it best to get this bit working first.
Peter.
Have you tried: echo 2 > /usr/local/etc/scponly/debuglevel
I've got it working fine now on an Ubuntu machine, but I've never looked at FreeBSD...
Matt
-----Original Message----- From: samwise [mailto:samwise@bagshot-row.org] Sent: 05 July 2009 17:14 To: Mephi Cc: ALUG Subject: Re: [ALUG] using scponly shell
2009/7/5 Mephi matthew.j.green@ntlworld.com:
The SCPonly wiki is a bit out of date...
Have you tried SCP instead of SFTP?
Yep. I get:
"This account is currently not available."
Which is also what I get when I try SSHing in (and is intended in that case).
The SCPonly mailing list is pretty good, so you may want to ask there.
Have you enabled logging? If so what messages do you get?
That's where I'm struggling .. not being very familiar with BSD, I'm struggling to work out where the logging would go and whether it's enabled.
I take it you're not trying to use a chrooted jail? (Scponlyc)
Matt
No, although that does look useful ... I wouldn't mind trying that out, but thought it best to get this bit working first.
Peter.
samwise samwise@bagshot-row.org wrote:
I basically want to allow the account SFTP access, but not have an interactive login shell - so scponly looks like what I'm after.
[...]
Anyone got any suggestions?
Try rssh. It worked for me and I never quite got scponly to offer only sftp access reliably.
Hope that helps,
Hmm ... I need to take another look at this tonight.
I initially tried rssh, but didn't get too far with that either. I think it's my lack of BSD experience that's confusing the matter, more than anything.
Peter.
2009/7/6 MJ Ray mjr@phonecoop.coop:
samwise samwise@bagshot-row.org wrote:
I basically want to allow the account SFTP access, but not have an interactive login shell - so scponly looks like what I'm after.
[...]
Anyone got any suggestions?
Try rssh. It worked for me and I never quite got scponly to offer only sftp access reliably.
Hope that helps,
MJ Ray (slef) LMS developer and webmaster at | software www.software.coop http://mjr.towers.org.uk | .... co Notice http://mjr.towers.org.uk/email.html | .... op
main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
-
Mephi -
MJ Ray -
samwise