[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: tightening ssh
- From: Alejandro Flores <alejandrorflores gmail com>
- To: For users of Fedora Core releases <fedora-list redhat com>
- Subject: Re: tightening ssh
- Date: Sun, 20 Nov 2005 22:51:12 -0300
Hey,
> >- Use a program to ask something to the user who logs in.
>
> I don't know much about ssh. Does "ssh <hostname> <command>" bypass this
> program? Say "ssh your host /bin/bash"?
Yes, if you call this program in your /etc/profile or ~user/.bash_profile.
When a user logs in, sshd will execute:
/path/to/UserShell -
When a User issue a command like "ssh you host /bin/bash", sshd will execute:
/path/to/UserShell -c '/bin/bash'.
So, in order to work, the user shell must be set to this program.
Example:
/bin/shellWraper:
#!/bin/bash
echo -n "Who is the master Lee Roy?"
read w
if [ "$w" != "ShoNuff" ]; then
echo "Bad answer Lee Roy!"
exit 255
fi
if [ $# -gt 0 ]; then
/bin/bash -c "$@"
else
/bin/bash -
fi
chmod +x /bin/shellWrapper
Set the user shell to /bin/shellWrapper
you:x:504:504::/home/you:/bin/shellWrapper
Try to log in as this user.
--
Regards,
Alejandro Flores
http://www.triforsec.com.br/
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]