1748126 Members
3061 Online
108758 Solutions
New Discussion юеВ

Re: scp user

 
SOLVED
Go to solution
Ignite_2
Frequent Advisor

scp user

Hello experts,

Can you please give me a hint? I was asked to create scp user for HP-UX 11.11 with following sw installed:
> /usr/sbin/swlist | grep -i -e secure -e ssh
OpenSSL A.00.09.07e.012 Secure Network Communications Protocol
T1471AA A.04.00.002 HP-UX Secure Shell

Is it possible to create only scp user with this secure shell? Or should I install SSH and use the script inclluded there (for chrooted user) - but chroot isn't needed here, just ssh has to be disabled.
6 REPLIES 6
Johnson Punniyalingam
Honored Contributor
Solution

Re: scp user

No such thing called <>

if you installed SSH,

you will be using "sftp,scp," command to file transfer .

rcp "remote copy" is the equalent to "scp" under secured mode "other why its called scp"

rcp "will be disable due some "security and audit issues"

Hope this helps,

Johnson
Problems are common to all, but attitude makes the difference
Aneesh Mohan
Honored Contributor

Re: scp user


Hi,

I belive If you disabled ssh (using wrappers/filter)it may impact scp also.

You can configure sftp only using chroot for secure file transfering.

see this.
/opt/ssh/utils/ssh_chroot_setup.sh


Aneesh
Kapil Jha
Honored Contributor

Re: scp user

as far as i think they must be diabling the rcp and to enable scp they want a user to be created which would login to servers without passwd [ssh-keygen].

Is this you looking for?

BR,
Kapil+
I am in this small bowl, I wane see the real world......
Ignite_2
Frequent Advisor

Re: scp user

Hi,

Yes, user should work with ssh keys, which is not a problem. But SSH connection needs to be disabled - only scp. Probably this is not possible.
Peter Nikitka
Honored Contributor

Re: scp user

Hi,

using the same connection, it's not possible to to disable ssh on a configuration base, I think.
If nearly no user should be able to call ssh, restrict the execute permissions on the executable (remove 'execute for world'). That way only group members of the ssh-group can call 'ssh'.

mfG Peter
The Universe is a pretty big place, it's bigger than anything anyone has ever dreamed of before. So if it's just us, seems like an awful waste of space, right? Jodie Foster in "Contact"
Kapil Jha
Honored Contributor

Re: scp user

inetd.sec is the file i think you looking for, you can restrict various things fromt his.

BR,
Kapil+
I am in this small bowl, I wane see the real world......