Ssh – scp permission denied after ‘hardening’ with bastille

I recently 'hardened' two Ubuntu servers using Bastille, and now I get permission denied: scp whenever I try to scp files in.

• SSH login works fine.
• I've tried adding an /scp-dump folder with 777 permissions and still get the same error, so I don't believe it is a permission issue.

• Tailing /var/log/auth.log doesn't really give any information, apart from

  Oct  1 23:08:39 localhost sshd[20876]: Accepted publickey for some-user from [redacted ip] port 49250 ssh2
  Oct  1 23:08:40 localhost sshd[20884]: Received disconnect from [redacted ip]: 11: disconnected by user
  

• Using the -v flag with scp outputs the following:

  Executing: program /usr/bin/ssh host some-domain.com, user (unspecified), command scp -v -t -- /scpdump
  OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
  debug1: Reading configuration data /Users/some-user/.ssh/config
  debug1: Reading configuration data /etc/ssh_config
  debug1: /etc/ssh_config line 20: Applying options for *
  debug1: Connecting to some-domain.com [12.34.56.78] port 22.
  debug1: Connection established.
  debug1: identity file /Users/some-user/.ssh/id_rsa type 1
  debug1: identity file /Users/some-user/.ssh/id_rsa-cert type -1
  debug1: identity file /Users/some-user/.ssh/id_dsa type -1
  debug1: identity file /Users/some-user/.ssh/id_dsa-cert type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1
  debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_5.9
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: server->client aes128-ctr hmac-md5 none
  debug1: kex: client->server aes128-ctr hmac-md5 none
  debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  debug1: Server host key: RSA 8e:83:21:4a:9c:be:57:56:b1:07:5a:14:68:8a:47:dc
  debug1: Host 'some-domain.com' is known and matches the RSA host key.
  debug1: Found key in /Users/some-user/.ssh/known_hosts:17
  debug1: ssh_rsa_verify: signature correct
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: Roaming not allowed by server
  debug1: SSH2_MSG_SERVICE_REQUEST sent
  debug1: SSH2_MSG_SERVICE_ACCEPT received
  debug1: Authentications that can continue: publickey,password
  debug1: Next authentication method: publickey
  debug1: Offering RSA public key: /Users/some-user/.ssh/id_rsa
  debug1: Server accepts key: pkalg ssh-rsa blen 277
  debug1: read PEM private key done: type RSA
  debug1: Authentication succeeded (publickey).
  Authenticated to some-domain.com ([12.34.56.78]:22).
  debug1: channel 0: new [client-session]
  debug1: Requesting no-more-sessions@openssh.com
  debug1: Entering interactive session.
  debug1: Sending environment.
  debug1: Sending env LANG = en_US.UTF-8
  debug1: Sending env LC_CTYPE = C
  debug1: Sending env LC_MESSAGES = en_AU.utf-8
  debug1: Sending env LC_TIME = en_AU.utf-8
  debug1: Sending env LC_MONETARY = en_AU.utf-8
  debug1: Sending env LC_NUMERIC = en_AU.utf-8
  debug1: Sending env LC_COLLATE = en_AU.utf-8
  debug1: Sending command: scp -v -t -- /scpdump
  zsh:1: permission denied: scp
  debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
  debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
  debug1: channel 0: free: client-session, nchannels 1
  debug1: fd 0 clearing O_NONBLOCK
  debug1: fd 1 clearing O_NONBLOCK
  Transferred: sent 2880, received 2504 bytes, in 0.6 seconds
  Bytes per second: sent 4563.7, received 3967.9
  debug1: Exit status 126
  lost connection
  

Any idea where the permission denied might be coming from, config files I can look into, or other logs I should be looking at?