[erlang-questions] scp subsystem

Stefan Jahn stefan@REDACTED
Thu Mar 28 22:04:21 CET 2013 

Hello Attila,

thank you again =D  works like charm also for privileged ports...

Thus, only 2) ... 4) still to be done.

Best regards, Stefan.

On Thu, March 28, 2013 1:25 pm, Attila Rajmund Nohl wrote:
> Hello!
>
> There is already an {fd, FD} option in ssh:daemon, so bind first, then
> pass the file descriptor.
>
> 2013/3/28 Stefan Jahn <stefan@REDACTED>:
>> Hello Ingela,
>>
>> after some experimentation I have an almost completed scpd server
>> implementattion at hand.
>>
>> Some issues still remain:
>>
>> 1) for privileged ports for ssh:daemon() I suggest to have a callback
>>    to the ssh options to obtain listen() handle from e.g. fd_server.
>>    What do you think?
>>
>> 2) save path handling (resolve symlinks); I leave this out, because
>>    I've seen in sftpd implementation similar thing.  Probably we should
>>    share functions across scpd and sftpd?
>>
>> 3) fine grained file permissions per user base: r/w for list of
>>    directories, I leave it out for now, because not necessery so far
>>    for my own purposes
>>
>> 4) ssh channel flushing/eof/close on the last transferred file in
>>    source mode of the scpd server.  needs some more investigations...
>>    that why I wrote the "scp eow" topic on the list.
>>
>> 1) until 3) is not that big problem, but 4) need to be solved.  After
>> that I would be happy to contribute if you are interested...
>>
>> What do you think?
>>
>> BR, Stefan.
>>
>> On Tue, March 19, 2013 3:04 pm, Ingela Andin wrote:
>>> Hello again,
>>>
>>> If you do a general scp client/server implementation you should
>>> consider contributing it.
>>> We would be interested.
>>>
>>> Regards Ingela Erlang/OTP team - Ericsson AB
>>>
>>> 2013/3/19, Ingela Andin <ingela.andin@REDACTED>:
>>>> Hi!
>>>>
>>>> 2013/3/19, Stefan Jahn <stefan@REDACTED>:
>>>>> dear erlang'ers,
>>>>>
>>>>> after reading some documentation on ssh otp system I ended up with:
>>>>>
>>>>>     ssh:daemon({0,0,0,0}, 45678, [{pwdfun, fun auth/2},
>>>>> %% create server keys:
>>>>> %% ssh-keygen -f /tmp/ssh/ssh_host_rsa_key -N '' -t rsa
>>>>> %% ssh-keygen -f /tmp/ssh/ssh_host_dsa_key -N '' -t dsa
>>>>>                               {system_dir, "/tmp/ssh"},
>>>>>                               {user_dir, "/tmp/ssh"},
>>>>> %                             {ssh_cli,{ssh_cli, {ssh_scpd, []}}},
>>>>>                               {auth_methods,
>>>>> "keyboard-interactive,password"},
>>>>>                               {subsystems, [
>>>>>                                             ssh_scpd:subsystem_spec([])
>>>>> %
>>>>> ssh_sftpd:subsystem_spec([{vsn, 3}])
>>>>>                                            ]}]).
>>>>>
>>>>> whereas the ssh_scpd module is base on the ssh_sftpd module from otp,
>>>>> i.e.
>>>>>
>>>>> -module(ssh_scpd).
>>>>> %-behaviour(ssh_daemon_channel).
>>>>> -behaviour(ssh_channel).
>>>>>
>>>>> -define(UINT32(X), X:32/unsigned-big-integer).
>>>>>
>>>>> %% External exports
>>>>> -export([subsystem_spec/1]).
>>>>>
>>>>> %% Callbacks
>>>>> -export([init/1, handle_ssh_msg/2, handle_msg/2, terminate/2,
>>>>> code_change/3]).
>>>>>
>>>>> implementing the callbacks similar to what we have in ssh_sftpd...
>>>>>
>>>>> now, when I start
>>>>>
>>>>> $ scp -P 45678 README ssh@REDACTED:README
>>>>>
>>>>> authentification works fine as implemented in auth/2, but somehow
>>>>> the ssh channel behaviour is not used at all.
>>>>>
>>>>> ssh@REDACTED's password:
>>>>> {error,{1,erl_parse,["syntax error before: ",[]]}}
>>>>> $ Received disconnect from 127.0.0.1: 11: Application shutdown
>>>>>
>>>>> It seems like scp commands are send into the standard erlang shell
>>>>> (which
>>>>> I did not specify) and not into the channel.
>>>>>
>>>>> I am using R15B2.
>>>>>
>>>>> Could please someone help out here and give me some hint where to
>>>>> proceed reading?
>>>>>
>>>>> Also an abstract description of the difference between the purposes
>>>>> of
>>>>> ssh_cli and subsystems options would be appriciated.
>>>>
>>>> ssh_cli is to customize the shell I do not think you want to use
>>>> ssh_cli at all. You should write your scp-deamon as subsystem and then
>>>> use an existing scp client to connect to it or
>>>> write your own erlang client that opens an ssh connection, requests
>>>> the ssh-scp subsystem and then sends scp commands on the channel along
>>>> the lines;
>>>>
>>>> ssh:connect ...
>>>> ssh_connection:session_channel...
>>>> ssh_connection:subsystem...
>>>> ssh_connection:send...
>>>>
>>>> The client can use the ssh_channel behavior.
>>>>
>>>> Regards Ingela Erlang/OTP team Ericsson AB
>>>>
>>>
>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>

More information about the erlang-questions mailing list