sftp issue

Darren Tucker dtucker at zip.com.au
Thu Jan 4 14:31:54 EST 2007


Panchacharam, Sathiyaseelan non Unisys wrote:
> I have problem in sftp using a user exn the sftp -v output is given
> below. Could someone help me in this?
> 
> The user detail is as follows. The shell we are using is /bin/false is
> it creating problem?

Yes.  sshd tries to run sftp-server using the user's shell (via the "-c"
option) which doesn't work with /bin/false as the shell.

You have a few options:

1) set the user's shell to be /path/to/sftp-server.  This works with
current versions but it's not very elegant.

2) If you're using OpenSSH 4.4 or up, you can set a real shell then use
"Match User exn" then "ForceCommand /path/to/sftp-server" in
sshd_config.  This will only restrict access via ssh though, so if the
user has access to, eg, telnet, they'll get a shell.

3) Use one of the restricted shells built for this purpose (eg scponly
or rssh).

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


More information about the openssh-unix-dev mailing list