rsync error using ssh : @ERROR: access denied
toserver.domain.com from unknown (0.0.0.0) {Scanned By MailScanner}
jw schultz
jw at pegasys.ws
Wed Jan 28 03:36:26 GMT 2004
On Tue, Jan 27, 2004 at 09:55:41PM -0500, tallen at 10east.com wrote:
> I've encountered a similar situation, and tracked it down. It seems that
> if the shell for your user is set to bash2 versions 2.0 -> 2.05.0, it
> causes your IP to appear as 0.0.0.0 . However, this has been fixed in
> 2.05b.0, and also works as normal in every other shell I've tested (zsh,
> csh, bash v1.x, ash). When I use SSH keys, I use a forced command, with a
> from address, but I also use the rsync hosts allow/deny so that the keys
> can be used to access some shares from some machines, and some from
> others. the 2.05b version can be found at
> http://www.gnu.org/directory/GNU/bash.html . Hope that helps.
Sure enough i've two versions of bash here and 2.05.0
unexports all the SSH environment variables but 2.05b.0
passes them.
> > As near as i can tell it never should have worked because
> > a local connection, via ssh, would never be allowed access with "hosts
> > allow" clause unless perhaps one of the hosts listed were
> > 0.0.0.0
> >
> > I've attached an UNTESTED patch (against CVS HEAD but should
> > be applicable to some older versions) that disables hosts
> > [allow|deny] for rsync over ssh so that the same config file
> > may be used for both ssh and direct socket connections.
That patch is no good. If you are stuck with bash trashing
your environment variables and want to share the rsyncd.conf
file with a regular daemon while using "hosts allow" you can
use a forced command or put 0.0.0.0 in the hosts allow list.
--
________________________________________________________________
J.W. Schultz Pegasystems Technologies
email address: jw at pegasys.ws
Remember Cernan and Schmitt
More information about the rsync
mailing list