Hi there!
I'd really like to see SCP/SFTP support in APT so that I can use OpenSSH's
internal-sftp with my privately hosted Debian mirror.
The current SSH method works, but only if the user who accesses the repository
has shell access on that host.
If the SSH server hosting the repository is configured like this (in
/etc/ssh/sshd_config)
Subsystem sftp internal-sftp
Match user dpkg-user
ChrootDirectory %h
ForceCommand internal-sftp
Then using a package source like
deb ssh://dpkg-user@MYHOST/MYREPO/debian/ MYCODENAME main
Fails with an error message like
Err ssh://dpkg-user@MYHOST MYCODENAME/main Packages
Read error - read (0 Success)
Fetched 3373B in 2s (1621B/s)
W: Failed to fetch ssh://dpkg-
user@MYHOST/MYREPO//debian/dists/MYCODENAME/main/binary-amd64/Packages Read
error - read (0 Success)
E: Some index files failed to download, they have been ignored, or old ones
used instead.
All necessary files exist in the right places and I have enabled password-less
authentication with a public SSH key (i.e. I can use SCP just fine with the
setup).
If I understand correctly, the current SSH method just logs in via plain SSH
and uses the "find" and "dd" commands for file transfer. This is obviously not
allowed for users with a forced internal-sftp command.
Cheers,
Christian Blichmann