restricting non-pty cmds with passwd auth
guyverdh at mchsi.com
guyverdh at mchsi.com
Fri Sep 24 02:44:32 EST 2004
Couple of things you could try from the source side.
#1 rename the ssh binary, and replace with a shell script.
Allow it to parse parameters.
Parameters starting with a "-" minus sign are added to a variable,
then the first non "-" parameter is taken as well and added to said variable.
Then execute the renamed ssh binary with the variable contents used as
parameters.
-------------
while [ ${#} -gt 0 ]
do
case ${1} in
-*) varParams=${varParams}" ${1}" && shift 1;;
*) varParams=$(varParams)" ${1}" && shift ${#};;
esac
done
/usr/local/bin/ssh.cmd ${varParams}
-------------
Second, make an ssh alias for the user's profile, that only accepts one
parameter.
alias ssh=/usr/local/bin/ssh ${1}
More information about the openssh-unix-dev
mailing list