Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
RE: [suse-security] sftp without without a valid shell?
  • From: Boris Lorenz <bolo@xxxxxxx>
  • Date: Mon, 10 Dec 2001 12:18:59 +0100 (CET)
  • Message-id: <XFMail.011210121859.bolo@xxxxxxx>
Yup,

On 09-Dec-01 John Ritchie wrote:
> On Tue, 4 Dec 2001, Boris Lorenz wrote:
>
>> Hi John,
>>
>> On 01-Dec-01 John Ritchie wrote:
[...]
>> I've tried it on one of our linux boxes, and it doesn't work. The error:
>>
>> "Warning: ssh_packet_wrapper_input: invalid packet received: len 1819239269
>> closing the offending input channel."
>>
>> (Btw., the same error occurs with shells like false, noshell, etc.).
>>
>> Maybe Solaris "wraps" sftp/ssh sessions differently than Linux. According to
>> sftp's (Linux-)man page, sftp uses a sub-system from sshd to transfer files
>> securely. I don't know much about the ssh implementation on Solaris, tho.
>
> I remember encountering this error while testing but I got around it
> somehow. I'm thinking it had to do with versions of openssh (or maybe I
> saw that on the commercial SSH server?) or misconfigured sshd_config (sftp
> subservice not turned on?) or something like that. I'm sorry I don't
> remember the details; it's been several months and I didn't document it so
> it's gone. Sorry I can't be more exact.
>
> I tested using the sftp-server as shell on a SuSE 7.0 machine with openssh
> 2.9.9p2-27 and it worked for me. What version of ssh are you using?

my test box runs an older 2.0.13 sshd, patched, on top of a 2.2.20 kernel. I
will give it a try with the latest ssh version (unpatched, stable) and post the
results.

Btw., my sshd2_config looks good, sftp is enabled of course. It works neatly
with the ssh-dummy-shell and std shells (sh, bash, ksh, etc.).

> John

Boris Lorenz <bolo@xxxxxxx>

< Previous Next >
References