[NBLUG/talk] ftpd

ME dugan at passwall.com
Sat Feb 15 19:12:00 PST 2003


error said:
> What are the possibilities of locking down the ssh account so they can
> only use sftp/scp?
>
> I was informed that it's possible to have the user have a /bin/nologin
> and still copy files but I want to know how it works.
>
> Any ideas?

(Barring security holes in external services)
Is there any way for the scp/sftp user to force, or request the server to
run code or applications specified by the scp/sftp user? If so, then there
is risk. If the scp/sftp user can run code under their own uid, then the
risk is increased.

One obvious example for the second case, depending upon how limits are
enabled... "chsh"

If a user can get a valid shell, they might be able to set up a separate
instance of sshd running/answering on an unpriv-ed port, and then once
they have a shell account...

> I believe it's possible but I do want to hear about people breaking out
> of sftp/scp jails.
>
> Any takers?

I think I'll skip this part. Maybe someone else will play. :-)
(I have too much reading and work to do. )-:

-ME

-- 
  Campus IT(/OS Security): Operating Systems Support Specialist Assistant
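An OpenSSH server configuration that implements the lock-down the question asks about and closes the avenues the reply lists (a login shell, user-run programs such as chsh, a second listener reached through forwarding). This is an added example, not part of the original thread; it assumes OpenSSH 4.9 or later (Match, ForceCommand, ChrootDirectory and internal-sftp all postdate this 2003 post), and the group name sftponly and path /srv/sftp are this example's own choices.

```sshd_config
# /etc/ssh/sshd_config fragment (example; group name and path are this example's choices)

# Weak setting: the external sftp-server binary is started through the user's
# login shell, so the only control is the shell in /etc/passwd. /sbin/nologin
# then blocks sftp too, while /bin/sh gives the user chsh, port forwarding and
# the ability to run arbitrary programs under their own uid.
#Subsystem sftp /usr/libexec/openssh/sftp-server

# Hardened: serve sftp in-process; no login shell is ever executed, so the
# account can keep /usr/sbin/nologin as defense in depth.
Subsystem sftp internal-sftp

Match Group sftponly
    # Ignore whatever command the client requests (a shell, scp, chsh, ...)
    # and always run the in-process sftp server instead.
    ForceCommand internal-sftp
    # Confine the session to a directory tree. Requirement: /srv/sftp/%u and
    # every parent must be owned by root and not group/world writable, or sshd
    # refuses the login; give the user a writable subdirectory inside it.
    ChrootDirectory /srv/sftp/%u
    # Close the side channels a file-transfer-only account does not need,
    # including the TCP forwarding a user-started sshd on a high port would rely on.
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
    PermitTTY no

# Account side (run as root, "alice" is a placeholder):
#   usermod -s /usr/sbin/nologin -aG sftponly alice
# Validate the file before reloading sshd:
#   sshd -t
```

Legacy scp (the SCP protocol, the default before OpenSSH 9.0) cannot work through ForceCommand internal-sftp; scp from OpenSSH 9.0 onward uses SFTP by default and does.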