2002-10-09-13:04:10 Johan De Meersman: > Perhaps there's a good reason, but one of the things I find > annoying in ssh, is that scp requires a valid shell for the > destination user - dunno if the same is true for sftp.
Not sure about sftp myself, but scp and rsync-over-ssh are doing the
same exact trick: transferring a file by having the client contact
the server with "ssh servername command args", where "command" is
scp or rsync respectively, and the args are special internal private
args that make the client act as a slave for transfers.
You can make an ssh setup, where the privilege that the client has
is _only_ good for scp, or for rsync, by restricting the command
using the "command=" option in the authorized_keys file. This option
allows you to nail down what command may be executed when logging in
on a given public key.
If you only want to permit a single, specific file transfer, then
run it once with
command=/path/to/wrapper ...
where the wrapper script looks like
#!/bin/sh
echo "$SSH_ORIGINAL_COMMAND" >/tmp/foo
exec $SSH_ORIGINAL_COMMAND
and see what that command looks like, and substitute it right in to
the authorized_keys file, args and all. If you want to allow
limited, restricted copying of only certain files, in only certain
directions, a little experimenting will tell you which args in the
command will be varying and how they'll be varying, then you can
make your wrapper check and confirm that it's a command you want to
allow before running it.
-Bennett
msg08651/pgp00000.pgp
Description: PGP signature
