Strange interaction of sftp and protocol version 1
Gordon Rowell
gordonr at e-smith.com
Mon May 21 22:34:23 EST 2001
On Mon, May 21, 2001 at 10:27:36PM +1000, Damien Miller <djm at mindrot.org> wrote:
> [...]
> If your goal is to prevent sftp access, then delete or rename the
> sftp binary.
No such goal, just a surprising result (to me) that allowing protocol
version 1 enabled sftp regardless of the configuration.
Which raises the issue that the default path to subsystems is
/usr/libexec, whereas they are installed in (under Linux at least) in
/usr/libexec/openssh
Is that intentional or is sftp meant to work "out of the box" for V1?
> Recognise though that allowing ssh access is going to
> implicitly allow file transfer in almost all cases anyway.
Sure.
Thanks,
Gordon
--
Gordon Rowell gordonr at e-smith.com
http://www.e-smith.org (development) http://www.e-smith.com (corporate)
e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
More information about the openssh-unix-dev
mailing list