sftp with a user defined shell

Ben Lindstrom mouring at etoh.eviladmin.org
Wed Aug 18 07:06:29 EST 2004


There is one major difference in sftp vs ftp.

ftp uses the $SHELL as an "allow or disallow" switch, whereas ssh
actually calls the user's $SHELL to run sftp-server.

Thus if you have any garbage being displayed during a non-interactive
login (e.g. output if you run: ssh site.com true) it will stop sftp-server
from working correctly.

- Ben


 On Tue, 17 Aug 2004, Srinivas Gopaladasu wrote:

> Hi,
>
> I have a different behavior using sftp compared to ftp for a user with a
> user defined shell on a Solaris machine.
>
> ftp rejects any user having a user defined shell.
> sftp is allowing the user with user defined shell, unfortunately as the
> sftp client bails out saying the following message:
> "Received message too long 537548147"
>
> Is it because the user shell is outputting a lot of text?
>
> I am OK with this behaviour, if no traces of the initiated session are
> left behind.
> But the problem for me is that the user shell is left behind running
> myuser1   7015  0.1  0.1 1680 1256 ?        S 12:38:03  0:00 /bin/csh
> /bin/my_sh -c /opt/openssh/libexec/sftp
>
> As my_sh needs a tty and because of a bug in that, it runs in a while
> loop and takes up a lot of CPU.
>
> If sftp supported only the shells returned from the "getusershell"
> function, sftp would be consistent with ftp and my problem would be solved.
> Do we have any patch for this?
>
> I appreciate any thoughts, comments and help to solve my problem.
>
> Thanks
> Srini
>
>
>
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
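
Added example (not part of the original messages and not OpenSSH code): the number in "Received message too long" is the first four bytes of shell output read as a big-endian packet length, so decoding it shows what the login shell printed before sftp-server could speak. The 256 KiB limit, the helper names and the sample byte streams are assumptions made for this sketch.

```python
import struct

# Assumption: the sftp client refuses packets longer than 256 KiB.
SFTP_MAX_MSG_LENGTH = 256 * 1024
SSH_FXP_VERSION = 2  # type byte of the first packet sftp-server sends


def decode_too_long(length):
    """Return the four bytes that the client misread as a packet length."""
    return struct.pack(">I", length)


def check_server_stream(data):
    """Classify the first bytes a client receives after starting sftp-server.

    Returns (ok, detail). Hypothetical helper, not an OpenSSH function.
    """
    if len(data) < 9:
        return False, "short read: %r" % data
    msg_len, msg_type, version = struct.unpack(">IBI", data[:9])
    if msg_len > SFTP_MAX_MSG_LENGTH:
        return False, "Received message too long %d (shell wrote %r)" % (
            msg_len, data[:4])
    if msg_type != SSH_FXP_VERSION:
        return False, "unexpected packet type %d" % msg_type
    return True, "SSH_FXP_VERSION, protocol %d" % version


# Constructed sample streams. Only the first four bytes of NOISY come from
# the number in the error message; the rest of the banner text is invented.
CLEAN = struct.pack(">IBI", 5, SSH_FXP_VERSION, 3)
NOISY = b" \nUsage: (constructed banner text)\n" + CLEAN

if __name__ == "__main__":
    print(decode_too_long(537548147))
    print(check_server_stream(CLEAN))
    print(check_server_stream(NOISY))
```

The value from the report decodes to a space, a newline and the letters "Us", which is text from the shell rather than an sftp packet header.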



