1

I have a script invoked at ssh invocation (on Linux) to run some commands and then login as a different user su -l <anotheruser> - all this works fine, when I use any Linux based scp/ssh clients. But when I try with WinScp (with File Protocol SCP in options) it does not work! On troubleshooting further, it seems like the shell invoked via su -l <anotheruser> is somehow getting killed! So, I see the following in WinScp log:

(EFatal) **Connection has been unexpectedly closed.** Server sent command exit status 1

But I am not able to figure out why the su login shell is getting killed only when using WinScp! Any pointers to debug further?

--EDIT--

Last few lines from WinSCP log:

! 2024-07-27 00.23.13.824 su: must be run from a terminal . 2024-07-27 00.23.13.824 Session sent command exit status 1 . 2024-07-27 00.23.13.824 Main session channel closed . 2024-07-27 00.23.13.824 All channels closed . 2024-07-27 00.23.13.824 Timeout waiting for network events . 2024-07-27 00.23.13.824 Waiting for another 1 bytes . 2024-07-27 00.23.13.824 Looking for incoming data . 2024-07-27 00.23.13.824 Looking for network events . 2024-07-27 00.23.13.824 Attempt to close connection due to fatal exception: * 2024-07-27 00.23.13.824 **Connection has been unexpectedly closed.** Server sent command exit status 1. . 2024-07-27 00.23.13.824 Closing connection. . 2024-07-27 00.23.13.824 Selecting events 0 for socket 1932 * 2024-07-27 00.23.13.856 (EFatal) **Connection has been unexpectedly closed.** Server sent command exit status 1. * 2024-07-27 00.23.13.856 Error skipping startup message. Your shell is probably incompatible with the application (BASH is recommended).

Does the line

! 2024-07-27 00.23.13.824 su: must be run from a terminal

Indicate an issue!?

My script is invoked via a NSS plugin (libnss-ato)

--EDIT 2--

After using a su version from util-linux which has a --pty option, winscp seems to get stuck! logs:

< 2024-08-02 15.00.55.772 tani1@sys7-vm81B$ echo "WinSCP: this is end-of-file:0" . 2024-08-02 15.00.55.772 Read 31 bytes (18 pending) < 2024-08-02 15.00.55.772 WinSCP: this is end-of-file:0 . 2024-08-02 15.00.55.772 Read 18 bytes (0 pending) . 2024-08-02 15.00.55.772 Waiting for another 1 bytes . 2024-08-02 15.00.55.772 Looking for incoming data . 2024-08-02 15.00.55.772 Looking for network events . 2024-08-02 15.01.12.135 Timeout waiting for network events . 2024-08-02 15.01.12.135 Waiting for data timed out, asking user what to do. . 2024-08-02 15.01.12.135 Asking user: . 2024-08-02 15.01.12.135 **Host is not communicating for 15 seconds. . 2024-08-02 15.01.12.135 . 2024-08-02 15.01.12.135 Wait for another 15 seconds?** ()
Improve this question
10
  • What protocol are you using with WinSCP? Commented Jul 26, 2024 at 21:16
  • @MartinPrikryl I am trying scp Commented Jul 27, 2024 at 5:17
  • Please edit all information into your question + How does the script invoke at ssh invocation? + Post WinSCP log. Commented Jul 27, 2024 at 7:41
  • "su: must be run from a terminal" – I wonder how exactly does this work with scp. It should fail the same way as with WinSCP. Can you gide us details on that? Commented Jul 28, 2024 at 5:51
  • @MartinPrikryl I am not sure why I see that error! scp/ssh from command line (linux) works fine! Commented Jul 28, 2024 at 13:29

1 Answer 1

Reset to default
2

su requires a terminal to function properly, and when used with WinSCP, it does not get the required terminal environment, which leads to errors.

Instead, use sudo instead of su, if possible, consider using sudo with the -i option to switch users. sudo does not require a terminal in the same way su does. Modify your script to use sudo instead of su. For example:

sudo -i -u <anotheruser> <command>

You could also use the script command to create a pseudo-terminal. This allows su to run in an environment where it thinks it has a terminal. Like this:

script -q -c "su - <anotheruser> -c '<command>'" /dev/null

In WinSCP, you can try to tweak the settings to ensure compatibility with the terminal requirements. Go to the Advanced settings in WinSCP and adjust the Shell settings. Set the shell to bash or another compatible shell.

If the above failed, debug it using strace to find what is blocking it.

Improve this answer
7
  • Thanks. I think I had tried this already, anyway tried it again. This is the error: ! 2024-08-02 18.17.49.305 sudo: no tty present and no askpass program specified .. there's something that winscp seems to do differently which is making su not allocate a pty ! i.e, I don't see this line in syslog : su[14134]: + /dev/pts/0 curruser:otheruser which I see in normal command line ssh case Commented Aug 2, 2024 at 13:10
  • 1
    I added the usage of strace` to my answer. That should show what is failing. If you are allowed to use Linux, that will save you light-years of headaches, ask you SA if you may use it as a subsystem. Commented Aug 2, 2024 at 16:50
  • 1
    I used util-linux's su as that worked! Commented Aug 13, 2024 at 17:08
  • 1
    yes, it worked with the su I built from util-linux, I am on Debian, which was using shadow su! (I didn't know this distinction before). Commented Aug 14, 2024 at 7:39
  • 1
    Great to hear it worked! Just to clarify, Debian’s default su is from the shadow package, which lacks the --pty option; the util-linux version adds this feature. If you’re satisfied with the solution, please consider marking the issue as resolved. Thanks! Commented Aug 15, 2024 at 11:21

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.