Specify shell at ssh login, not appearing in w, who or last output - SSH

This is a discussion on Specify shell at ssh login, not appearing in w, who or last output - SSH ; Hi all, I am having an unusual problem whereby if I specify the shell during an ssh login, I do not appear in the w, who or last output. I also do not get a shell prompt, rather just a ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: Specify shell at ssh login, not appearing in w, who or last output

  1. Specify shell at ssh login, not appearing in w, who or last output

    Hi all,

    I am having an unusual problem whereby if I specify the shell during
    an ssh login, I do not appear in the w, who or last output. I also do
    not get a shell prompt, rather just a cursor. I can use the login as
    per a normal ssh login and my shell does appear in the ps output, but
    again just not in the w, who or last output.

    Perhaps I am being a bit naive, but I would have thought that these
    commands would give me an accurate view of the system.

    I've tried this on Solaris 9 and Solaris 10, as well as the current
    stable Ubuntu Server and the current stable Debian. Unfortunately I do
    not have the OpenSSH versions handy so that may hinder an answer. I
    can follow this up however.

    You can try by doing the following:

    ssh -l /bin/bash

    or whatever your shell is.


    Any suggestions would be appreciated. Ultimately I want to be able to
    see these logins in the w, who and last output. As an example, I have
    one user who has been logging in this way for months and there's no
    record of it in the last results.

  2. Re: Specify shell at ssh login, not appearing in w, who or last output

    On Tue, Aug 12, 2008 at 03:37:38AM -0700, gbudge@gmail.com wrote:
    > Hi all,
    >
    > I am having an unusual problem whereby if I specify the shell during
    > an ssh login, I do not appear in the w, who or last output. I also do
    > not get a shell prompt, rather just a cursor. I can use the login as
    > per a normal ssh login and my shell does appear in the ps output, but
    > again just not in the w, who or last output.
    >
    > Perhaps I am being a bit naive, but I would have thought that these
    > commands would give me an accurate view of the system.
    >
    > I've tried this on Solaris 9 and Solaris 10, as well as the current
    > stable Ubuntu Server and the current stable Debian. Unfortunately I do
    > not have the OpenSSH versions handy so that may hinder an answer. I
    > can follow this up however.
    >
    > You can try by doing the following:
    >
    > ssh -l /bin/bash
    >
    > or whatever your shell is.
    >
    >
    > Any suggestions would be appreciated. Ultimately I want to be able to
    > see these logins in the w, who and last output. As an example, I have
    > one user who has been logging in this way for months and there's no
    > record of it in the last results.



    That not depend on ssh but more on the system and on the shell.. if you
    want to call the shell that way on the ssh command line and you can
    force an interactive shell by using the "-i" option of bash. e.g.
    ssh user@host "/bin/bash -i"

    But it's not the usual way. Normally, you can change the default shell
    on your account and that way, you just have to do: ssh user@host. To
    change your default shell for you account, it depend on the OS. I don't
    know for Solaris but on most Linux and BSD's you can use: "chsh" command
    on the server..

    --
    Martin

  3. Re: Specify shell at ssh login, not appearing in w, who or last output

    gbudge@gmail.com writes:

    >I am having an unusual problem whereby if I specify the shell during
    >an ssh login, I do not appear in the w, who or last output. I also do
    >not get a shell prompt, rather just a cursor. I can use the login as
    >per a normal ssh login and my shell does appear in the ps output, but
    >again just not in the w, who or last output.


    I think you need to add "-t" on the ssh line, to force a tty to be
    allocated for the login. The default is to allocate a tty for normal
    login, but not if a command is specified on the ssh command line.


  4. Re: Specify shell at ssh login, not appearing in w, who or last output

    On 2008-08-12, gbudge@gmail.com wrote:

    > Any suggestions would be appreciated. Ultimately I want to be able to
    > see these logins in the w, who and last output. As an example, I have
    > one user who has been logging in this way for months and there's no
    > record of it in the last results.


    ftp://ftp.porcupine.org/pub/security...cracking.101.Z

    --
    Elvis Notargiacomo master AT barefaced DOT cheek
    http://www.notatla.org.uk/goen/

  5. Re: Specify shell at ssh login, not appearing in w, who or lastoutput

    Thanks for the replies. What I am trying to achieve is to prevent
    people from logging in this way, rather than giving them the option.

    Is it possible to prevent specifying the shell at login?

  6. Re: Specify shell at ssh login, not appearing in w, who or last output

    gbudge@gmail.com writes:

    >Thanks for the replies. What I am trying to achieve is to prevent
    >people from logging in this way, rather than giving them the option.


    Give the user a restricted shell as login shell, or write your
    own shell program that checks for this then does an exec to the
    real shell.

    Note that if a user does

    ssh hostname /bin/bash

    then sshd actually does

    $LOGINSHELL -c /bin/bash

    so a suitably restricted login shell (as defined in /etc/passwd)
    should be able to check/prevent this.


  7. Re: Specify shell at ssh login, not appearing in w, who or lastoutput

    On Aug 13, 12:18*pm, Neil W Rickert wrote:
    > gbu...@gmail.com writes:
    > >Thanks for the replies. What I am trying to achieve is to prevent
    > >people from logging in this way, rather than giving them the option.

    >
    > Give the user a restricted shell as login shell, or write your
    > own shell program that checks for this then does an exec to the
    > real shell.
    >
    > Note that if a user does
    >
    > * * * * ssh hostname /bin/bash
    >
    > then sshd actually does
    >
    > * * * * $LOGINSHELL -c /bin/bash
    >
    > so a suitably restricted login shell (as defined in /etc/passwd)
    > should be able to check/prevent this.


    Thanks Neil. Let me look into this. Hopefully this is the solution.

+ Reply to Thread