ftp through a ssh-tunnel refuses my ftp-shell

[codecommander]

Hi all,

Im running a server with Redhat linux,
which is accessable with the right
dsa-key only (no login, no rhostRSAauthentication,
no nothin).
But know, I have to provide a secure server access,
that is restricted to ftp. I use vsftp, which works
fine.

The problem:
When I open a ssh tunnel (per putty) and run the
ftp-connection through it, everythin is nice as
long as the user has a shell like "/bin/bash" or
"/bin/sh". But I need to give him somethin like
"usr/sbin/vsftpd" to keep him whithin his cage.
(with /bin/sh he wouldn't be restricted to his
home directory)

what happens is:
when I give him a shell like
"/usr/libexec/openssh/sftp-server"
and write into sshd_config an entry like
Subsystem sftp /usr/libexec/openssh/sftp-server

I can establish a ssh-connection but it aborts
with "bad message" when I try to use it

using as a shell
"/usr/sbin/vsftpd" with a sshd_config entry
Subsystem vsftp /usr/sbin/vsftpd
causes the connection to abort immediately


Is there an easier way, to provide sftp access?

 

[codecommander]

Hi folks,

guess my problem is almost solved, except somethin
I still dont understand.

I now used a sftp client (so called bitvise tunnelier,
available on

http://www.bitvise.com)

nice tool by the way.

usin this, the shell
"/usr/libexec/openssh/sftp-server"
and the sshd_config entry
Subsystem sftp /usr/libexec/openssh/sftp-server
the whole thing works fine.

but is there anybody out there, who can tell me, why I
can't connect with a commen ftp client by tunneling
my ssh-connection (via putty) when I dont give it a shell
like /bin/sh?

thanks for reading this

regards markus