A project I'm on requires I upload some files to a vendor's remote server. I requested a secure connection, and suggested scp or https or sftp. In response, they stated they could grant me ssh access, but they didn't support scp.
I know you can have scp access without ssh access (via, say, http://sublimation.org/scponly/ ), but hadn't heard of ssh without scp before.
Aside from the question of why have the setup this way, is this possible? ssh without scp?
Answer
Apparently, it is possible (according to post #3 at that link). The trick is in the authorized_keys file format. There are several options that allow the server to restrict SSH features based on what key was used to authenticate. The "command=" option allows the server administrator to attach a restriction on the public key -- something like
"any incoming connections that authenticate with this key will execute this command, regardless of what command might have been requested by the user".
It might prevent the execution of standard SCP and SFTP, but if it provides an interactive shell there's probably a way around it:
$ ssh user@host 'cat /some/where/whatiwant.txt' > igotit.txt
No comments:
Post a Comment