sftp client
Darren Moffat
Darren.Moffat at eng.sun.com
Sat Feb 10 06:22:57 EST 2001
>On Thu, Feb 08, 2001 at 09:57:48PM -0600, mouring at etoh.eviladmin.org wrote:
>> I really wish we could drop the requirement for the user's shell for
>> subsystem
>
>no, i don't want to drop this.
>
>the shell sets umask or is used for access control, e.g. /bin/false.

Would you agree that the only reason to run the user's shell is to set
the umask?

Since you don't like the suggestion of using .ssh/environment (which I
agree with, since umask is not an environment variable), what about having
the umask set in .ssh/rc?

As for the access control, I would have to say that this is an abuse of
the name service getpwnam() call. This is what PAM was designed for
and also what the User/Group list support in sshd is for.

Or do you have other reasons for wanting the shell to be run?

--
Darren J Moffat
More information about the openssh-unix-dev mailing list