Date: Mon, 8 May 2006 08:25:20 -0700 From: "Atom Powers" <atom.powers@gmail.com> To: "Robert Fitzpatrick" <lists@webtent.net> Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: ibsh Message-ID: <df9ac37c0605080825s2fbdc376g16dfd671292b177a@mail.gmail.com> In-Reply-To: <1147020785.24620.31.camel@columbus.webtent.org> References: <1147019550.24620.23.camel@columbus.webtent.org> <1147020785.24620.31.camel@columbus.webtent.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Have you looked at the "scponly" shell? On 5/7/06, Robert Fitzpatrick <lists@webtent.net> wrote: > On Sun, 2006-05-07 at 12:32 -0400, Robert Fitzpatrick wrote: > > Anyone using ibsh shell for locking users in to their home directory? I > > just found out about this googling and installed the port on my FreeBSD > > 6.0 box, but can't seem to get it working.... > > > Sorry for posting to quickly, I found that merely editing > the /etc/passwd file to change the shell did not get it done. I have > ibsh shell working now, but something peculiar happening. I can login > from my Linux box using ssh and all is as expected, but if I use the > WinSCP program, commonly used by our staff, it does not believe there is > an SFTP server running. Of course, logging in using WinSCP with a user > of a different shell works perfectly. Here is ibsh commands I am > allowing and the log from WinSCP... > > files# cat globals.cmds > # Add any commands the user may execute. Even shell commands. > # You have to allow logout and/or exit, so the user can logout! > # cd and pwd should also be allowed. Note: other shell builtin > # commands are not yet implemented! > cd > ls > pwd > logout > exit > > . 2006-05-07 12:48:40.600 -----------------------------------------------= --------------------------- > . 2006-05-07 12:48:40.600 WinSCP Version 3.7.6 (Build 306) (OS 5.2.3790 S= ervice Pack 1) > . 2006-05-07 12:48:40.600 Login time: Sunday, May 07, 2006 12:48:40 PM > . 2006-05-07 12:48:40.600 -----------------------------------------------= --------------------------- > . 2006-05-07 12:48:40.600 Session name: webtent@192.168.1.7 > . 2006-05-07 12:48:40.600 Host name: 192.168.1.7 (Port: 22) > . 2006-05-07 12:48:40.600 User name: webtent (Password: Yes, Key file: No= ) > . 2006-05-07 12:48:40.610 Transfer Protocol: SFTP (SCP) > . 2006-05-07 12:48:40.610 SSH protocol version: 2; Compression: No > . 2006-05-07 12:48:40.610 Agent forwarding: No; TIS/CryptoCard: No; KI: Y= es; GSSAPI: No > . 2006-05-07 12:48:40.610 Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: N= o > . 2006-05-07 12:48:40.610 Ping type: -, Ping interval: 30 sec; Timeout: 1= 5 sec > . 2006-05-07 12:48:40.610 SSH Bugs: -,-,-,-,-,-,-,- > . 2006-05-07 12:48:40.610 SFTP Bugs: -,-,- > . 2006-05-07 12:48:40.610 Proxy: none > . 2006-05-07 12:48:40.610 Return code variable: Autodetect; Lookup user g= roups: Yes > . 2006-05-07 12:48:40.621 Shell: default, EOL: 0 > . 2006-05-07 12:48:40.621 Local directory: default, Remote directory: hom= e, Update: No, Cache: Yes > . 2006-05-07 12:48:40.621 Cache directory changes: Yes, Permanent: Yes > . 2006-05-07 12:48:40.621 Clear aliases: Yes, Unset nat.vars: Yes, Resolv= e symlinks: Yes > . 2006-05-07 12:48:40.621 Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No > . 2006-05-07 12:48:40.621 -----------------------------------------------= --------------------------- > . 2006-05-07 12:48:40.771 Looking up host "192.168.1.7" > . 2006-05-07 12:48:40.781 Connecting to 192.168.1.7 port 22 > . 2006-05-07 12:48:40.831 Server version: SSH-2.0-OpenSSH_4.2p1 FreeBSD-2= 0050903 > . 2006-05-07 12:48:40.851 We claim version: SSH-2.0-WinSCP_release_3.7.6 > . 2006-05-07 12:48:40.861 Using SSH protocol version 2 > . 2006-05-07 12:48:40.881 Doing Diffie-Hellman group exchange > . 2006-05-07 12:48:41.001 Doing Diffie-Hellman key exchange > . 2006-05-07 12:48:42.273 Host key fingerprint is: > . 2006-05-07 12:48:42.293 ssh-dss 2048 0a:59:6c:0f:b9:18:2b:68:1b:e0:5d:3= b:d6:5a:e0:65 > . 2006-05-07 12:48:42.313 Initialised AES-256 client->server encryption > . 2006-05-07 12:48:42.333 Initialised HMAC-SHA1 client->server MAC algori= thm > . 2006-05-07 12:48:42.353 Initialised AES-256 server->client encryption > . 2006-05-07 12:48:42.373 Initialised HMAC-SHA1 server->client MAC algori= thm > ! 2006-05-07 12:48:42.413 Using username "webtent". > ! 2006-05-07 12:48:42.523 Using keyboard-interactive authentication. > . 2006-05-07 12:48:42.543 Password: prompt from server > . 2006-05-07 12:48:42.563 Responding with stored password. > . 2006-05-07 12:48:42.603 Access granted > . 2006-05-07 12:48:42.623 Opened channel for session > . 2006-05-07 12:48:42.653 Started a shell/command > . 2006-05-07 12:48:42.673 -----------------------------------------------= --------------------------- > . 2006-05-07 12:48:42.693 Using SFTP protocol. > . 2006-05-07 12:48:42.724 Doing startup conversation with host. > > 2006-05-07 12:48:42.744 Type: SSH_FXP_INIT, Size: 5, Number: -1 > . 2006-05-07 12:48:42.774 Server sent command exit status 0 > . 2006-05-07 12:48:42.794 All channels closed. Disconnecting > . 2006-05-07 12:48:42.824 Server closed network connection > * 2006-05-07 12:48:42.854 (ESshFatal) Cannot initialize SFTP protocol. Is= the host running a SFTP server? > * 2006-05-07 12:48:42.854 Connection has been unexpectedly closed. Server= sent command exit status 0. > > -- > Robert > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" > -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?df9ac37c0605080825s2fbdc376g16dfd671292b177a>