On Sat, Mar 30, 2002 at 10:24:28PM -0500, Jon McCain wrote:
> I've been playing around with the scp and sftp components of putty and
> noticed what I consider a security hole.  Winscp does the same thing. 
> The user can change to directories above their home.  Is there a way to
> chroot them like you can in an ftp config file?  I don't see anything in
> the sshd config files.  If you can't, how can I disable the scp
> functionality?  I'm not talking about scp from the linux box.  The users
> don't have shell access so that's not a problem.  I'm referring to
> remote people using a scp client to access my linux machine.  You can
> disable sftp ability by removing the sftp-server program but the scp
> server part seems to be part of sshd.
> I did not see anything about this issue on the openssh web site. 
> Anybody got any suggestions?

With the following commands, you can copy files without "scp":

  $ cat localfile | ssh somehost "cat > /somedir/remotefile"
  $ ssh somehost "cat /somedir/remotefile" > localfile

So, it seems unusefull to disable "scp" and enable "ssh"...

with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to