Re: way to set shell used for remote commands?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 22/01/15 15:17, Jason Vas Dias wrote:
Thanks Alan&  Iain for your replies.
RE:
    ssh 127.0.0.1 dash -c env

appear to do the expected for me.

Yes, it is easy enough to run any program on the remote host
to read commands from stdin and write results to stdout ;
but that means you have to send the script to execute separately:
   $ echo "$script" | ssh $remote_host $remote_shell
and that means you must be aware on the origin host
exactly what the path of $remote_shell is on the remote host.
Also using $SHELL -c "$SCRIPT" on the origin host does not work if
$SCRIPT contains semi-colons; only the first line terminated by
a semi-colon will be run by $SHELL; remaining lines are run
by the user's default shell.  And that introduces a new level
of quoting hell .

What I'd like is an option I could put into a configuration file on
$remote_host to say "sshd should use SHELL=$X for all commands",  or
maybe it might be nicer to be able to say:
     "use SHELL=$X for commands coming from host $Y or network $N"
or "use SHELL=$X for commands that match the regular expression $Y"
or a combination of both.
(...)

Edit ~/.ssh/authorized_keys in the remote host and set for your key:¹
command="/bin/bash -c 'if [ -z \"$SSH_ORIGINAL_COMMAND\" ]; then exec /bin/good-shell \"$@\"; else exec /bin/good-shell -c \"$SSH_ORIGINAL_COMMAND\"; fi'"

The "choose shell based on subnet" can be implemented by pointing
to a shell script that parses $SSH_CONNECTION.

¹This will only work when you authenticate with public key, but if you were routinely executing remote commands like that and entering the key manually each time, you would already be doing things the Wrong Way.

Regards

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev





[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux