SFTP to /bin/false account?

[Cole Tuininga]

On Mon, 2004-03-15 at 15:28, Derek Martin wrote:
> > 1) During compilation, I got a couple of errors that tell me:
> > 
> > Using 'getpwuid' in statically linked applications requires at runtime
> > the shared libraries from the glibc version used for linking
> > 
> > Should I be concerned?
> 
> Probably.  Are you running OpenSSH 3.4 or older?

Ayup.  On debian (mostly) woody.

>   If so, rssh will
> compile statically to work around a security hole.  I highly recommend
> upgrading to OpenSSH 3.5 or later.  In that case, there is no need to
> compile statically.
> 
> For details, see http://www.pizzashack.org/rssh/security.shtml

Ayup - I read that.  I was trying to just let it compile the static
version.   This may just be because my test box is running a nasty
combination of some glibc (and related) stuff from unstable and the 
mostly comes from stable.  I tried it on a strictly stable box and
didn't get the warning so I'm going to assume everything's hunky dory. 
Thanks for the help.

> > 2) I've tried setting it up as a shell for a test user.  However, it
> > seems to be not allowing me to sftp or scp?  
> 
> RTFM...  :)

Ayup - didn't notice initially that it came with man pages.  I found
them and things fell into place quick.  8)

Thanks again for all the help.

-- 
"... one of the main causes of the fall of the Roman Empire was that,
 lacking zero, they had no way to indicate successful termination of
 their C programs."  --  Robert Firth

Cole Tuininga
Lead Developer
Code Energy, Inc
colet at code-energy.com
PGP Key ID: 0x43E5755D