RFC: ssh-copy-id tweaks
Ben Lindstrom
mouring at eviladmin.org
Tue Feb 5 09:30:42 EST 2008
On Mon, 4 Feb 2008, Alan Barrett wrote:
[..]
> Digression:
>
> I think it's a bug that sshd runs commands with the user's shell instead
> of with /bin/sh. The bug is easy to fix, by using _PATH_BSHELL in
> appropriate places in do_child() in session.c. If this is deemed to be
> intended behaviour and not a bug, then I'd ask that the part of the ssh
> man page that says
>
> If command is specified, it is executed on the remote host instead
> of a login shell.
>
> should be changed to explain what actually happens, so that people don't
> think "command is executed" means "command is executed using the remote
> system's standard command processor (which is /bin/sh on Unix-like
> systems)".
>
I disagree.. This would be a massive change in behavior. And would break
a lot of environment where they set the user's shell to some restricted
shell (rksh or scponly or rssh). And there would be no way for the admin
to allow scp but deny shell access.
- Ben
More information about the openssh-unix-dev
mailing list