[no subject]

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,
I am trying to give access to sshd port 22 to connect to different port
1023 by differentiating with special user, customuser. Following is how i
tried, but it doesnt work, please suggest.

outside, user issues command
ssh customuser@ip, it fails


inside sshd_config, i wrote the following:


Match user customuser
    ForceCommand . /etc/myscript

inside myscript, I do the following:
read -p "Username: " RUSER
ssh $RUSER@127.0.0.1 -p 1023



with  this setting, i find these:

If i run sshd in debug mode, password is asked in the server window, prints
go to client window:

server terminal:
sshd -d -f /etc/ssh/sshd_config -h /etc/ssh/ssh_key

Starting session: forced-command (config) '. /etc/myscript' on pts/3 for
customuser from 10.102.12.12  port 41622
admin@127.0.0.1's password:


client terminal:
ssh customuser@10.220.167.18
Username: admin


If i run sshd in non interactive mode:
it doesnt ask for password at all

server logs:

Jan 30 17:22:18 Linux auth.info sshd[5229]: WARNING: /usr/local/etc/moduli
does not exist, using fixed modulus
Jan 30 17:22:18 Linux auth.err sshd[5229]: error: Could not get shadow
information for customuser
Jan 30 17:22:18 Linux auth.info sshd[5229]: Accepted none for customuser
from 10.220.82.17 port 41645 ssh2
Jan 30 17:22:18 Linux auth.info sshd[5230]: lastlog_openseek: Couldn't stat
/var/log/lastlog: No such file or directory
Jan 30 17:22:18 Linux auth.info sshd[5230]: lastlog_openseek: Couldn't stat
/var/log/lastlog: No such file or directory


client logs:

 ssh customuser@10.220.167.184
Username: admin
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password).
Connection to 10.220.167.184 closed.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux