sshd custom shell script for specifc user
Darren Tucker
dtucker at zip.com.au
Tue Jan 31 16:23:01 AEDT 2017
On Tue, Jan 31, 2017 at 3:55 PM, Sudarshan Soma <sudarshan12s at gmail.com> wrote:
> Thanks Darren, the intention to do this :
> allow users to access my own shell/CLI(including authentication) on port 22.
> their firewall settings doesnt allow anything other than port 22, so I would
> internally redirect to port 1023 when customuser is provided.
If the clients are openssh you could use it in "stdio forwarding" mode
to establish an end-to-end connection to the sshd on port 1023.
You'd configure the server something like this in the main sshd's config:
Match user customuser
MaxSessions 0
PermitOpen localhost:1023
then in the client's config
Host yourapplication
ProxyCommand ssh -W localhost:1023 customuser at yourgateway
which should allow "ssh admin at yourapplication" to work.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list