2.3.4-4+deb8u1build0.16.04.1 breaks scp download using libssh2 client
Package: rssh
Version: 2.3.4-4+
We are using libssh2(v1.5) client to download files in our product. After rssh got auto patched, our download scenario is broken.
This happens only for users that are created with default rssh shell login.
Steps to repro:
1. sudo useradd -s /usr/bin/rssh -r -N -c "test" -G testgroup test
2. sudo passwd test
3. sudo usermod -a -G rsshusers test
4. Build libssh2
5. Run scp example
./example/
Stuck and fails to read the file.
Libssh2 logs indicate rssh returned following error
insecure scp option not allowed.
This account is restricted by rssh.
Allowed commands: scp sftp
I know the security patch is targeted for scp comands but not sure why it affects clients using libssh2.
Please let me know if this is expected behavior and if you need any details.
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- Ubuntu rssh Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask Iyyappa Murugandi for more information if necessary.