rssh Restricted Secure SHell only for sftp/scp/rdist/rsync/CVS

2.3.4_2 shells =9 2.3.4Version of this port present on the latest quarterly branch.

DEPRECATED: Abandoned by upstream
This port expired on: 2019-06-11

Maintainer: jharris@widomaker.com

Port Added: 2004-05-21 13:38:10

Last Update: 2019-06-13 09:31:30

SVN Revision: 504067

Also Listed In: security

License: BSD2CLAUSE

Description:

rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. It now also includes support for rdist, rsync, and CVS. For example, if you have a server which you only want to allow users to copy files off of via scp, without providing shell access, you can use rssh to do that. WWW: http://www.pizzashack.org/rssh/index.shtml

SVNWeb : Homepage

pkg-plist: as obtained via: make generate-plist

Expand this list (8 items)

1. /usr/local/share/licenses/rssh-2.3.4_2/catalog.mk
2. /usr/local/share/licenses/rssh-2.3.4_2/LICENSE
3. /usr/local/share/licenses/rssh-2.3.4_2/BSD2CLAUSE
4. @shell bin/rssh
5. man/man1/rssh.1.gz
6. man/man5/rssh.conf.5.gz
7. etc/rssh.conf.default.dist
8. libexec/rssh_chroot_helper

Collapse this list.

Dependency lines:

• rssh>0:shells/rssh

No installation instructions: this port has been deleted.

The package name of this deleted port was:

PKGNAME: rssh

Flavors: there is no flavor information for this port.

distinfo:

SHA256 (rssh-2.3.4.tar.gz) = f30c6a760918a0ed39cf9e49a49a76cb309d7ef1c25a66e77a41e2b1d0b40cd9 SIZE (rssh-2.3.4.tar.gz) = 113315

There are no ports dependent upon this port

Configuration Options

===> The following configuration options are available for rssh-2.3.4_2: RDIST=off: rdist support RSYNC3=off: rsync3 support (Debian patch) ===> Use 'make config' to modify these settings

USES:

cpe

Master Sites:

1. http://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
2. http://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
3. http://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
4. http://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
5. http://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
6. http://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
7. http://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
8. http://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
9. http://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
10. http://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
11. http://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
12. http://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
13. http://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/
14. https://cytranet.dl.sourceforge.net/project/rssh/rssh/2.3.4/
15. https://downloads.sourceforge.net/project/rssh/rssh/2.3.4/
16. https://excellmedia.dl.sourceforge.net/project/rssh/rssh/2.3.4/
17. https://freefr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
18. https://jaist.dl.sourceforge.net/project/rssh/rssh/2.3.4/
19. https://kent.dl.sourceforge.net/project/rssh/rssh/2.3.4/
20. https://nchc.dl.sourceforge.net/project/rssh/rssh/2.3.4/
21. https://netcologne.dl.sourceforge.net/project/rssh/rssh/2.3.4/
22. https://netix.dl.sourceforge.net/project/rssh/rssh/2.3.4/
23. https://superb-dca2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
24. https://superb-sea2.dl.sourceforge.net/project/rssh/rssh/2.3.4/
25. https://ufpr.dl.sourceforge.net/project/rssh/rssh/2.3.4/
26. https://vorboss.dl.sourceforge.net/project/rssh/rssh/2.3.4/

• port deleted on 2019-06-13
  REASON: Has expired: Abandoned by upstream
  

Remove expired port:
2019-06-11 shells/rssh: Abandoned by upstream

shells/rssh: Mark as deprecated and set to expire

Upstream has officially abandoned the port some time ago and the software
was maintained then for a while by the Debian project.

But even Debian will now pull the plug and rssh won't be available in their
next stable release. Considering these facts it makes sense to let this port
expire towards the end of Q2.

PR:		235121
Approved by:	miwi (mentor), maintainer
Differential Revision:	https://reviews.freebsd.org/D19503

shells/rssh: Apply fixes for basename(3) handling and some security issues

basename(3) has been changed to be POSIX compliant in r308264. This implies
that it can possibly write to the passed string. shells/rssh passes a const
string, so it always crashes on invocation with FreeBSD 12 and later. The
new patches remedy this issue. [1] [2]

During further tests and research came to light that there were also
recently discovered security issues with the parsing of rsync/scp command
line arguments and insufficient sanitization of environment variables when
using rysnc.

The corresponding fixes have been incorporated to the new patches and the
already existing patch for the RSYNC option has been tightened for the
argument parsing. Please note that with this patch the scp option "-3" can

Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight

- Add CPE info

Add an @shell keyword to handle adding and remove a shell path in /etc/shell
Bump port revision of all ports that were doing it wrong prior to the keyword

CR:		D208
Reviewed by:	antoine
With hat:	portmgr

- Add rsync3 support
- Add LICENSE

PR:		ports/180573
Submitted by:	maintainer

Support stage
Fix build with clang on head (symbol collision)

Add NO_STAGE all over the place in preparation for the staging support (cat:
shells)

- Pass maintainership to submitter
- While here trim header

PR:		180420
Submitted by:	Jason Harris <jharris@widomaker.com>

- Drop all my ports

- Fix typo in OPTIONS code

Spotted by:	rm
Feature safe:	yes

- Update to 2.3.4

PR:		ports/173980
Submitted by:	nemysis <nemysis@gmx.ch>
Feature safe:	yes

shells/rssh: mark FORBIDDEN due to being vulnerable

http://www.vuxml.org/freebsd/65b25acc-e63b-11e1-b81c-001b77d09812.html
documents rather serious vulnerability that allows people to curcumvent
protections put by rssh, thus making it a kind of non-usable tool.

Security:	65b25acc-e63b-11e1-b81c-001b77d09812

- Get Rid MD5 support

With hat:       portmgr (myself)

- Switch SourceForge ports to the new File Release System: categories starting
with P,R,S

- Readd shells/rssh without rsync support. I'm still actively using it.

2008-08-21 shells/rssh: No longer maintained upstream

- Replace BROKEN with IGNORE

- Mark as BROKEN, does not work with rsync 3

- change maintainer address on ports I maintain

Approved by:    clsung (mentor)

- Remove 4.x cruft
- Partial commit (use of destdir is deprecated)

PR:             ports/113930
Submitted by:   Thomas Abthorpe <thomas@goodking.ca> (maintainer)
Approved by:    sat (mentor)

- Pass maintainership to submitter
- Reformat pkg-descr

PR:             ports/100447
Submitted by:   Thomas Abthorpe <thomas at goodking.ca>

Reset bouncing maintainer address enigmatyc@laposte.net.

Hat:            portmgr

- Update to 2.3.2 and UnFORBIDDEN

PR:             94255
Submitted by:   delphij
Approved by:    portmgr (marcus)

Mark FORBIDDEN due to local privilege escalation.

Security:      
http://vuxml.FreeBSD.org/e34d0c2e-9efb-11da-b410-000e0c2e438a.html
Security:       http://www.pizzashack.org/rssh/security.shtml
Prodded by:     remko

SHA256ify

Approved by: krion@

- Add itself to /etc/shells

PR:             ports/81257
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>
Approved by:    maintainer timeout (16 days)

Update to version 2.2.3 to fix security vulnerability.

Security:      
http://vuxml.FreeBSD.org/f11b219a-44b6-11d9-ae2f-021106004fd6.html
With hat:       secteam
Approved by:    maintainer timeout (security; 2 days), erwin (mentor)

There is a string format vulnerability in rssh-2.2.1
http://www.pizzashack.org/rssh/security.shtml

- update to 2.2.2
- use REINPLACE_CMD instead of the patch file
- correct the knob for RDIST

PR:             73143
Submitted by:   leeym

- rssh < 2.2.1 has information disclosure vulnerability, so update to 2.2.1
- rssh depends on rsync and rdist (optionally)

PR:             71472
Submitted by:   leeym
Approved by:    portmgr (marcus)

- Mark rssh as IGNORE on 4.x (wordexp() is not supported)
  Maintainer informed.

Add rssh 2.1.1, a Restricted Secure SHell only for sftp or/and scp.

rssh is a Restricted Secure SHell that allow only the use of sftp or
scp. It could be use when you need an account (and a valid shell) in
order to execute sftp or scp but when you don't want to give the
possibility to log in to this user.

WWW: http://www.pizzashack.org/rssh/index.shtml

PR:             ports/65860
Submitted by:   enigmatyc

9 vulnerabilities affecting 54 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2020-03-27 14:06:31