From c7011fac38507472d650c6cce9b1ae74eac0ffd8 Mon Sep 17 00:00:00 2001 From: djm Date: Sat, 10 Feb 2018 06:15:12 +0000 Subject: [PATCH] Disable RemoteCommand and RequestTTY in the ssh session started by scp. sftp is already doing this. From Camden Narzt via github; ok dtucker --- usr.bin/ssh/scp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c index 5bc49723022..08a6d5ad564 100644 --- a/usr.bin/ssh/scp.c +++ b/usr.bin/ssh/scp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: scp.c,v 1.194 2017/12/18 17:28:54 millert Exp $ */ +/* $OpenBSD: scp.c,v 1.195 2018/02/10 06:15:12 djm Exp $ */ /* * scp - secure remote copy. This is basically patched BSD rcp which * uses ssh to do the data transfer (instead of using rcmd). @@ -398,6 +398,8 @@ main(int argc, char **argv) addargs(&args, "-oForwardAgent=no"); addargs(&args, "-oPermitLocalCommand=no"); addargs(&args, "-oClearAllForwardings=yes"); + addargs(&args, "-oRemoteCommand=none"); + addargs(&args, "-oRequestTTY=no"); fflag = tflag = 0; while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) -- 2.20.1