Specifying both rsync and scp rules breaks scp functionality #14

ma-ef · 2023-06-04T21:06:31Z

My authprogs.yaml looks like this:

-
  from: [10.x.x.x]
  keynames: myhost
  allow:
    - rule_type: rsync
      allow_download: true
      paths: [/tmp/mycert.crt, /tmp/mycert.key]
    - rule_type: scp
      allow_download: true
      paths: [/tmp/mycert.crt, /tmp/mycert.key]

Transferring the file with scp root@myhost:/tmp/mycert.crt /tmp fails with the error
command "scp -f /tmp/mycert.crt" rejected.
The debug log shows:

checking rule """{'from': ['10.x.x.x'], 'keynames': 'myhost', 'allow': [{'rule_type': 'rsync', 'allow_download': True, 'paths': ['/tmp/mycert.crt', '/tmp/mycert.key']}, {'rule_type': 'scp', 'allow_download': True, 'paths': ['/tmp/mycert.crt', '/tmp/mycert.key']}]}"""
client_ip 10.x.x.x in 10.x.x.x/32
keyname "myhost" matches rule.
skipping rsync processing, binary "scp" not in approved list
skipping scp processing, binary "scp" not in approved list

If the rsync section is removed, i.e. config looks like this:

-
  from: [10.x.x.x]
  keynames: myhost
  allow:
    - rule_type: scp
      allow_download: true
      paths: [/tmp/mycert.crt, /tmp/mycert.key]

Everything works as it should and the file can be transferred. Could you please investigate this bug?

The text was updated successfully, but these errors were encountered:

ma-ef changed the title ~~Specifying rsync and scp rules breaks~~ Specifying both rsync and scp rules breaks scp functionality Jun 4, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Specifying both rsync and scp rules breaks scp functionality #14

Specifying both rsync and scp rules breaks scp functionality #14

ma-ef commented Jun 4, 2023 •

edited

Loading

Specifying both rsync and scp rules breaks scp functionality #14

Specifying both rsync and scp rules breaks scp functionality #14

Comments

ma-ef commented Jun 4, 2023 • edited Loading

ma-ef commented Jun 4, 2023 •

edited

Loading