On Wed, 5 Jul 2023, Damien Miller wrote: > Some possibilities: > > 1. the receive.ksh script is faulty in some way that causes it to invoke > sftp-server > 2. some changes made by Redhat in the binaries they provided, not present > in the OpenSSH source we release have broken forced commands. > > #2 could be excluded by reproducing the problem using a sshd built from > source, without redhat's patches. FWIW, I've rebuilt openssh-7.4 from source and attempted a sftp connection with a ForceCommand set in sshd_config. The sftp session fails as expected: [djm@djm ~]$ sftp -oPort=2222 ::1 Authenticated to ::1 ([::1]:2222) using "publickey". Received message too long 1482184792 Ensure the remote shell produces no output for non-interactive sessions. Transferred: sent 2260, received 1520 bytes, in 0.0 seconds Bytes per second: sent 614738.3, received 413452.3 On the server side: debug2: subsystem request for sftp by user djm debug1: subsystem: exec() /usr/libexec/sftp-server Starting session: forced-command (config) '/tmp/xxx' for djm from ::1 port 32870 id 0 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
