login about faq

I am not able to connect using openssh client scp command when terminal and commands are denied in Tectia Server.

asked Dec 17 '10 at 10:03

SSH%20KB's gravatar image

SSH KB ♦
509249246237


OpenSSH(and SunSSH) uses "rcp over ssh" for scp transfers, even when the SSH2 protocol is used, while SSH Tectia uses the IETF SECSH draft compliant method of "sftp over ssh" for scp2 transfers.

Enabling only commands will work fine in the server policy. As long as you know what commands will be run you can enable them in the server policy. Basically if you only use one command such as the following:
scp * user@10.34.0.52:
You can allow commands: "scp -d -t ." and "scp -t ." If you use other or multiple commands you will have to keep adding new allowed commands. For instance:
scp "file1" user@10.34.0.25:tester1.txt
needs the following command allowed: "scp -t tester1.txt"
scp "file1" user@10.34.0.25:tester2.txt
needs the following command allowed: "scp -t tester2.txt"
scp user@10.34.0.25: /
Will need: "scp -f ." As a result, if you want to allow any SCP command from an OpenSSH client, the only way to do this is to allow all commands. You can always restrict the users and/or IPs that can run these commands using selectors.
link

answered Dec 17 '10 at 10:04

SSH%20KB's gravatar image

SSH KB ♦
509249246237

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×12

Asked: Dec 17 '10 at 10:03

Seen: 4,156 times

Last updated: Dec 17 '10 at 10:04

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.