‘scponly’ an oxymoron :(

After spending an hour or so today trying to work out why scponly logins to upload files to one of our servers were no longer working, I found the answer:

scponly no longer supports scp.

Read that again. I kid ye not.

It turns out that, for security reasons (apparently – the way the rather well-hidden note about this reads the vulnerabilities have been fixed), since the 4.2 release scp support has been disabled unless compiled with the ‘--enable-scp-compat‘ option.

In the Gentoo ebuild ‘scp’ isn’t (yet) even a USE flag. The description still reads “A tiny pseudoshell which only permits scp and sftp” though – go figure.