SFTP to /bin/false account?
Cole Tuininga
colet at code-energy.com
Mon Mar 15 21:26:01 EST 2004
On Mon, 2004-03-15 at 15:28, Derek Martin wrote:
> > 1) During compilation, I got a couple of errors that tell me:
> >
> > Using 'getpwuid' in statically linked applications requires at runtime
> > the shared libraries from the glibc version used for linking
> >
> > Should I be concerned?
>
> Probably. Are you running OpenSSH 3.4 or older?
Ayup. On debian (mostly) woody.
> If so, rssh will
> compile statically to work around a security hole. I highly recommend
> upgrading to OpenSSH 3.5 or later. In that case, there is no need to
> compile statically.
>
> For details, see http://www.pizzashack.org/rssh/security.shtml
Ayup - I read that. I was trying to just let it compile the static
version. This may just be because my test box is running a nasty
combination of some glibc (and related) stuff from unstable and the
mostly comes from stable. I tried it on a strictly stable box and
didn't get the warning so I'm going to assume everything's hunky dory.
Thanks for the help.
> > 2) I've tried setting it up as a shell for a test user. However, it
> > seems to be not allowing me to sftp or scp?
>
> RTFM... :)
Ayup - didn't notice initially that it came with man pages. I found
them and things fell into place quick. 8)
Thanks again for all the help.
--
"... one of the main causes of the fall of the Roman Empire was that,
lacking zero, they had no way to indicate successful termination of
their C programs." -- Robert Firth
Cole Tuininga
Lead Developer
Code Energy, Inc
colet at code-energy.com
PGP Key ID: 0x43E5755D
More information about the gnhlug-discuss
mailing list