Closed m3ng9i closed 3 years ago
I think this is something that we cannot do, as these error messages are originating from the ssh
client itself.
Additionally, anything that one could design would have to be implemented through the ssh
package itself.
My best guess to get something actually working here, I think you would have to setup a handler for both "pty-req"
and "shell"
that do not fail, where the "shell"
handler eventually just sends "This service allows sftp connections only."
and then terminates. How to do that is quite a bit outside the scope of this project.
You might be able to use the non-example server code as a model to get started, but we wouldn’t really be able to support you, because as mentioned before, outside of scope.
I guess the message "This service allows sftp connections only" is not generated by the server, but by the ssh client.
I found a piece of code from openssh:
# session.c of openssh source code, line 1646
if (s->is_subsystem == SUBSYSTEM_INT_SFTP_ERROR) {
error("Connection from %s: refusing non-sftp session",
remote_id);
printf("This service allows sftp connections only.\n");
fflush(NULL);
exit(1);
}
Maybe the server could send some data to the client, to let the client display: This service allows sftp connections only. I don't know how to do that.
The only way I would know of to print something from the server that would get displayed by the client is as mentioned, trapping pty-req
and shell
. Even the code here demonstrates that there is no message from the server being printed.
I’ve tried to poke around a bit and try and figure out how to trigger that condition, but I just don’t know how. But it’s definitely not anything that concerns SFTP itself, it’s at the level just before SFTP. Like I said, we’re only trapping the sftp
subsystem and the package’s code only runs once that subsystem is setup, everything else? 🤷♀️ Not our package, unfortunately.
Thanks for reply.
I run the example code of sftp/examples/go-sftp-server/main.go, and try to use ssh command to login:
After enter the password, I got the error message:
How to change the message above to "This service allows sftp connections only"?