Thanks Alan & Iain for your replies. RE: >> ssh 127.0.0.1 dash -c env >> >> appear to do the expected for me. >> Yes, it is easy enough to run any program on the remote host to read commands from stdin and write results to stdout ; but that means you have to send the script to execute separately: $ echo "$script" | ssh $remote_host $remote_shell and that means you must be aware on the origin host exactly what the path of $remote_shell is on the remote host. Also using $SHELL -c "$SCRIPT" on the origin host does not work if $SCRIPT contains semi-colons; only the first line terminated by a semi-colon will be run by $SHELL; remaining lines are run by the user's default shell. And that introduces a new level of quoting hell . What I'd like is an option I could put into a configuration file on $remote_host to say "sshd should use SHELL=$X for all commands", or maybe it might be nicer to be able to say: "use SHELL=$X for commands coming from host $Y or network $N" or "use SHELL=$X for commands that match the regular expression $Y" or a combination of both. The problem is of course, there appears to be no user-specific configuration file for sshd beyound ~/.ssh/rc - and I don't think that is the right file . AFAICS, sshd does not parse the user's ~/.ssh/config - this is used only by the 'ssh' client for OUTGOING commands. It appears sshd needs a per-user config file for INCOMING commands. So the patch would need to add a new "~/.ssh/sshd_config' file, which could contain lines like : # for commands coming from hosts on subnet 192.168/16, use this shell: Host 192.168/16 Shell /path/to/my/subnet.192.168/shell # for commands coming from hosts on subnet 172.16/16, use this shell: Host 172.16/16 Shell /path/to/my/subnet.172.16/shell # for commands which start with 'new_shell', use specified shell and # remove prefixing 'new_shell' : Match ^(new_shell)\ (.*) = \2 Shell /path/to/my/latest/shell If I develop such a patch, would there be any interest in it / likelihood of it being incorporated in a future OpenSSH release ? Iain, I'd be most interested to see your 'ForceShell' patch. Please could you post it ? Does it apply to commands from particular hosts, or all incoming commands ? Thanks & Regards, Jason On 21/01/2015, Iain Morgan <imorgan@xxxxxxxxxxxx> wrote: > On Wed, Jan 21, 2015 at 17:29:00 +0000, Alex Bligh wrote: >> >> On 21 Jan 2015, at 15:36, Jason Vas Dias <jason.vas.dias@xxxxxxxxx> >> wrote: >> >> > Please can OpenSSH provide some way of specifying which shell to use to >> > execute commands on a host. >> >> Using dash as an example of another shell: >> >> ssh 127.0.0.1 -t dash >> >> and >> >> ssh 127.0.0.1 dash -c env >> >> appear to do the expected for me. >> > > Two years ago, I opened a bug to add support for a ForceShell option > to sshd that would provide the ability to override users shells. There > doesn't seem to have been much interest in it, and I never received any > feedback. > > I haven't updated the patch since the original submission, and it may > need some further work, but it might be worth a try. I don't recall it > it overrides the user's shell during forced password changes, so that > may be one area that needs to be addressed. > > -- > Iain Morgan > _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev