'Re: sftp Subsystem failure'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secure-shell
Subject:    Re: sftp Subsystem failure
From:       Ben Lindstrom <mouring () etoh ! eviladmin ! org>
Date:       2002-11-26 16:52:03
[Download RAW message or body]


The issue is that subsystems use your shell to run the command.  As part
of that it will run the non-interactive aspects of your startup scripts.

[..]
       When an interactive shell that is not  a  login  shell  is
       started,  bash reads and executes commands from ~/.bashrc,
       if that file exists.  This may be inhibited by  using  the
       --norc  option.   The --rcfile file option will force bash
       to  read  and  execute  commands  from  file  instead   of
       ~/.bashrc.

So putting stuff like 'echo' statements in .bashrc is wrong behavior.

[..earily in the manpage..]
       When  bash is invoked as an interactive login shell, or as
       a non-interactive shell with the --login option, it  first
       reads and executes commands from the file /etc/profile, if
       that file exists.  After reading that file, it  looks  for
       ~/.bash_profile,  ~/.bash_login,  and  ~/.profile, in that
       order, and reads and executes commands from the first  one
       that  exists  and is readable.  The --noprofile option may
       be used when the shell is started to inhibit  this  behav
       ior.

Those 3 are better options.

- Ben

On Tue, 26 Nov 2002, Dennis Puk wrote:

> We also noted this problem. We determined that it was due to the user
> having some echo statements in his .bashrc. e.g. echo "test" in your
> ..bashrc will produce that same behavior. But we do not know what is wrong
> actually.
> Using the SSH Comm sftp2 Windows client produces same error as you got.
>
> On the command line (sftp2 client from OpenSSH on Solaris platform):
>
> userA@hostA:~[500]$ sftp userB@hostB
> Connecting to hostB...
> userB@hostB's password:
> Received message too long 1952805748
>
>
>
> Craig A Summerhill said:
> > Hi,
> >
> > Server:   Red Hat Linux 7.3 on i686 dual processor
> > Desktop:  Windows 2000 Professional w/ SSH 3.0.0 (Build 203)
> >
> > We are experiencing an odd problem when trying to open an SFTP
> > Subsystem for one particular user account on a server.  All other  user
> > accounts on the server work fine with sftp, but this one
> > account in particular repeatedly generates an error.  This is the
> > sequence which causes the error:
> >
> >    1) logon to the server using ssh
> >    2) click "New File Transfer Window" button on the
> >       application toolbar, or choose "New File Transfer"
> >       from the "Window" menu.
> >    3) a new window is opened for file transfer, followed
> >       immediately by an alert dialog stating "Connection
> >       was lost."  After clicking "OK" you get a second
> >       dialog window which reads: "File transfer server
> >       could not be started or exited unexpectedly.  Exit
> >       value 0 was returned."
> >
> > I believe the problem may be related to the shell environment for  the
> > account.  Since the account in question is linked to a rather
> > complicated piece of third party software we're license, I am loathe  to
> > make any changes to the shell environment for the account.  I
> > have no way of knowing what problems might result with the
> > software later on.
> >
> >
> > This, I believe, is the crux of the matter:  two accounts are sharing
> > the same $HOME directory.  (I believe the company who licenses this
> > package to us has done this to provide a little bit of "dummy-proofing"
> > between the local sys admins logging into the system and the UID that
> > actually is required to run the daemon process(es) for this package.)
> >
> > In step one above, the user logs into the server using one account  name
> > (let's say "aaa").  However, all files in the $HOME directory  for this
> > user are owned by another account (let's say "bbb").  The  /etc/password
> > lists the same directory as $HOME for both accounts,  but if you login
> > as "aaa" and issue a "whoami" command it returns  "bbb", even after you
> > have logged into a terminal with "aaa."  All  files touched following
> > login by "aaa" are actually owned by "bbb"  and reside in group "bbb" as
> > well.
> >
> > I figure the problem here is a result of the encrypted key not
> > matching correctly because the account string "aaa" is part of
> > the encryption key.  This explains exit status 0.  In fact it is
> > working correctly.  Or perhaps, the problem is related to file
> > permissions in reading configurations?
> >
> > Is there a way to manually configure an sftp Subsystem to understand
> > that the Subsystem should be started up as user "aaa" even though the
> > shell environment is a restricted one for account "bbb"?  I have
> > noticed that a directory named .ssh is created in the $HOME directory
> > of accounts after they connect to the server using SSH.  But the
> > .ssh directory is empty.  Can I create a custom or local sshrc file  or
> > something to store locally that will work around this problem?
> >
> >
> > I am hoping you might provide some guidance in this rather complicated
> > problem.  Thanks in advance for your consideration of this matter. --
> >
> >    Craig A. Summerhill
> >    Applications Development Librarian
> >    University of Nevada, Reno
> >    Getchell Library 174A / Mail Stop 322
> >    1664 North Virginia Street
> >    Reno, NV   89557-0042
> >
> >       (775) 784-6500 x227
> >       <summerhi@unr.edu>
>
>
> --
> Dennis Puk
> School of Computing
> National University of Singapore
>
> <---No God, No Peace. Know God, Know Peace--->
>
>
>
>

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic