Do you have a question? Post it now! No Registration Necessary. Now with pictures!
October 7, 2003, 2:13 pm
rate this thread
I have openssh on win32 and can connect to it with passphraseless key
exchange with no problem to run commands or scp to or from, as long as
I put a stupid number of \ in.
However, I wanted to be able to lock this access down for both
auditing and access reasons. On unix I have a script restrict.sh
which permits scp either way and scripts in a certain location to be
run and this works fine when specified in the authorized_keys file
command="/path/restrict.sh", no-pty (etc)
I have written an equivalent script in perl, restrict.pl, and this
works equally well for all purposes on UNIX.
So I installed it onto the Win2k system and I am having some success with
command="cmd.exe /C c:\path\restrict.pl", no-pty (etc)
This is running allowed commands ok, although STDOUT never seems to
get back to the calling window but I can live with that.
scp, though, is hanging:
debug1: Remote: Forced command: cmd.exe /C
debug1: Remote: Pty allocation disabled.
debug1: ssh-userauth2 successful: method publickey
debug1: fd 4 setting O_NONBLOCK
debug1: fd 5 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug1: send channel open 0
debug1: Entering interactive session.
debug2: callback start
debug1: ssh_session2_setup: id 0
debug1: Sending command: scp -v -t c:\temp
debug1: channel request 0: exec
debug2: callback done
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
forever. Until I kill it.
Does anyone have any ideas why that might be? I've tried the example
scp_wrapper script from the SSH book website and that just dies in
weirder ways (lost connection). I've tried cmd.exe with /C, with no
parameters and with /K and /C is the only one that works for ssh
commands and it doesn't hang, but does the 'lost connection' thing for
I also tried using cygwin 'sh -c' instead of 'cmd.exe /C' (with evern more
\ added) but the results were the same - it hangs as soon as the
restrict.pl script does the system call to the scp -t command.
I'm a bit lost for ideas and way outside the remit of any FAQs I've found.
Does anyone have any suggestions?
Still prettiest by far.
Re: Win32 SCP problems
Why \? I use / for almost everything in Win32 with no problems. Only
the command interpreter should care.
Are you using cygwin?
If you're using cygwin, I wonder if you would have any better luck
running perl directly (rather than cmd.exe), or by running bash.
I've never tried to do this at home (where the win32 box is). I'll try
to do this, but I don't know if I'll get a chance very quickly.
Darren Dunham email@example.com
Unix System Administrator Taos - The SysAdmin Company
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum