Lai Zit Seng wrote:
> 
> On Wed, 21 Jul 1999, Guan Sin Ong wrote:
> 
> > We have set up a remote server at the other corner of the Net to allow
> > our staff to log into the machine using ssh, set up a tunnel, and then
> > forward all their connections through the tunnel securely. We do not
> > want to allow login shell access to the system. So basically what we do
> > is to have a dummy shell for each of the logins. The dummy shell is
> > simply a program doing nothing other than sleep() system call for many
> > many seconds. That way logging in is fine but no access to the system.
> >
> > Would appreciate if anyone can point out any security concerns with such
> > setup. I am especially concerned if there are ways to break out of the
> > dummy shell (in which case I assume the ssh connection will be dropped)
> > or anything I don't know to compromise it.
> 
> Well, a user could have ssh execute a command when they log in, and perhaps
> even run a shell. E.g.,
> 
> ssh -L ... -l somebody some.server.com /bin/sh
> 
> And then he still gets a sh shell.

Thanks for your response.

But what we have for the shell replacement is not a shell, therefore
sending any command to the login will not be executed. The shell
replacement is a simple C program with just one command - sleep(). It
does not accept any input, nor will it do anything else. I have tried
what you suggested and the session would just hang there.
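
An added example, not part of the original thread and not the posters' own program: a sleep-only login shell in C that never interprets its arguments and also logs any command a client tried to pass. It assumes sshd starts the account's shell as `<shell> -c <command>` when the client supplies a command and exports `SSH_CLIENT`; the names `sleepsh` and `requested_command` are hypothetical.

```c
/* Added example: a no-op login shell of the kind described in the thread.
 * Assumption: sshd runs "<shell> -c <command>" when the client supplies a
 * command (e.g. "ssh ... host /bin/sh") and sets SSH_CLIENT in the environment. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

/* Return the command the client asked for, or NULL for a plain login.
 * The value is only reported; it is never parsed further or executed. */
const char *requested_command(int argc, char **argv)
{
    for (int i = 1; i + 1 < argc; i++)
        if (strcmp(argv[i], "-c") == 0)
            return argv[i + 1];
    return NULL;
}

int main(int argc, char **argv)
{
    const char *cmd = requested_command(argc, argv);
    const char *peer = getenv("SSH_CLIENT");   /* "addr port port", if set */

    if (cmd != NULL) {
        /* Record the attempt for later review. The untrusted strings are
         * passed as %s arguments, never as the format string itself. */
        openlog("sleepsh", LOG_PID, LOG_AUTH);
        syslog(LOG_WARNING, "uid %d from %s requested a command, ignored: %s",
               (int)getuid(), peer != NULL ? peer : "unknown", cmd);
        closelog();
    }

    /* No input is read and nothing is exec'd. The process only holds the
     * session open so the forwarded ports stay up. SIGHUP and SIGTERM keep
     * their default action, so it exits when the connection goes away. */
    for (;;)
        sleep(3600);
}
```
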
