Source: dput
Version: 1.1.0
Severity: important
X-Debbugs-Cc: raph...@freexian.com

This is the equivalent of #1011063 for dput instead of dput-ng.

When you run dput with openssh >= 9, and when dput is configured to use "scp", "scp" will rely on the sftp protocol to do its job (unless you pass the -O command line parameter).

When the server side has configured a forced command to restrict scp to a specific directory (which is a good practice given scp's deficiencies), then scp will badly fail.

Here's an example script that is configured with a ForceCommand associated to the SSH key used for upload:

----
#!/bin/sh

case "$SSH_ORIGINAL_COMMAND" in
    scp\ *)
        exec scp -p -d -t /srv/deb.freexian.com/extended-lts/incoming
        ;;
    chmod\ *)
        find /srv/deb.freexian.com/extended-lts/incoming -user $(whoami) -type f | xargs --no-run-if-empty chmod 0644
        exit 0
        ;;
    *)
        echo "ERROR: Forbidden command: $SSH_ORIGINAL_COMMAND"
        echo "This SSH access can only be used to upload Debian packages."
        exit 1
        ;;
esac
----

A recent scp will call /usr/lib/sftp-server as the remote command and the case will match the third case and the sftp protocol will be confused by the answer.

There's no good way to tweak that script to force sftp-server to be restricted to a specific directory. So either you switch to always "sftp" and do some other setup to restrict sftp (with the Chroot directive), or you switch to "always plain scp" by passing -O when you call scp.

Thus I'm suggesting that dput starts passing -O to scp when it detects a recent OpenSSH. Or at least that it offers a way to pass command line options to scp. AFAIK ssh_config_options does not work for this. It's not an option that can be passed to "-o" and it's really specific to scp and not to ssh (which also gets called for the chmod IIRC).

Note that my "proper" fix to this regression has been to force usage of sftp and to restrict sftp-server to a chroot, but dput has no support of sftp so I had to switch to dput-ng. It would certainly make sense for dput to gain an sftp method!

Cheers,

-- System Information:
Debian Release: bookworm/sid
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'oldoldstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
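
The forced-command dispatch from the report, as an added example that is not part of the original bug report or of dput: it gives an sftp-mode scp its own branch and sends every rejection to stderr, because stdout is the channel the sftp client parses as protocol data. The function names and the `internal-sftp` pattern are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the reporter's script): tell an sftp-mode scp apart from
# other rejected commands and keep error text off the protocol channel.

# Upload directory taken from the script in the report.
INCOMING=/srv/deb.freexian.com/extended-lts/incoming

# classify_command CMD -> prints legacy-scp, chmod, sftp or forbidden
classify_command() {
    case "$1" in
        scp\ *)   echo legacy-scp ;;  # scp -O or OpenSSH < 9: remote "scp -t ..."
        chmod\ *) echo chmod ;;       # permission fix issued after the upload
        # Assumption: sftp-mode scp arrives as a path ending in sftp-server
        # (as in the report) or as internal-sftp, depending on sshd's Subsystem.
        */sftp-server|*/sftp-server\ *|sftp-server|internal-sftp|internal-sftp\ *)
                  echo sftp ;;
        *)        echo forbidden ;;
    esac
}

# rejection_message KIND CMD -> human-readable reason for the refusal
rejection_message() {
    case "$1" in
        sftp) echo "ERROR: sftp is not available for this key; upload with 'scp -O'." ;;
        *)    echo "ERROR: Forbidden command: $2" ;;
    esac
}

# handle_command CMD -> runs the allowed action, or rejects with status 1
handle_command() {
    kind=$(classify_command "$1")
    case "$kind" in
        legacy-scp) exec scp -p -d -t "$INCOMING" ;;
        chmod)      find "$INCOMING" -user "$(whoami)" -type f |
                        xargs --no-run-if-empty chmod 0644 ;;
        # stderr only: anything on stdout would be read as sftp packets.
        *)          rejection_message "$kind" "$1" >&2; return 1 ;;
    esac
}

# Act only when sshd supplied a command; an interactive login (variable
# unset) falls through and the session simply ends.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    handle_command "$SSH_ORIGINAL_COMMAND"
    exit $?
fi
```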