Re: scp and sftp
hi ya
i'd do it with automounter w/ ssh ???
mount remote:/home/httpd/html /mnt/html
scp /home/user/new_site.html /mnt/html
sync
umount /mnt/html
mount is not needed if it is configured to auotmount
and <user> does NOT need shell account on the remote web server
you also cannot cd / on the remote pc either...
if remote.foo.com is locally accessible ( 192.168.xx ) to
user_pc.foo.com than its not a bigg issue... fairly simple
and sorta safe??
c ya
alvin
On Sun, 31 Mar 2002, Junichi Uekawa wrote:
> Jon McCain <jmccain@davlong.com> cum veritate scripsit:
>
> > I've been playing around with the scp and sftp components of putty and
> > noticed what I consider a security hole. Winscp does the same thing.
> > The user can change to directories above their home. Is there a way to
> > chroot them like you can in an ftp config file? I don't see anything in
> > the sshd config files. If you can't, how can I disable the scp
> > functionality? I'm not talking about scp from the linux box. The users
> > don't have shell access so that's not a problem. I'm referring to
> > remote people using a scp client to access my linux machine. You can
> > disable sftp ability by removing the sftp-server program but the scp
> > server part seems to be part of sshd.
>
> I'd be interested to know how you give scp access without
> giving shell access.
>
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: