sftp and utmp
djm at mindrot.org
Tue Apr 4 20:10:41 AEST 2023
On Tue, 4 Apr 2023, Nico Kadel-Garcia wrote:
> > We've been asked about this a number of times before - the problem is
> > that utmp is really set up to record interactive logins that have a
> > TTY/PTY assigned. There is AFAIK no real standard for recording
> > "service logins" (e.g. sftp or SSH command execution w/o TTY) in utmp
> > and many OS utmp implementation lack fields by which this could be
> > communicated.
> > IIRC we toyed with recording something fake like "sftp" in ut_line
> > but that caused problems as none of the other tools were set up to
> > accept it.
> sftp has some awkward limitations, as does scp. It's why I prefer were
> possible to use rsync-over-SSH, and we can restrict the rsync options
> quite heavily. It's even possible to chroot wrap, though that toolkit
> has not been well maintained.
rsync doesn't solve the problem being presented here, as it runs without
a PTY and so never ends up being recorded in utmp either.
More information about the openssh-unix-dev