ForceCommand: starting a shell

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I want to configure SSH to run "ForceCommand", and base on some
configuration and if SSH_ORIGINAL_COMMAND = "" (shell), start a shell.

What I found: starting ksh works, but /etc/profile is not loaded. I
can manually . /etc/profile, but then the $HOME/.profile is not
started. I can add this one too, but what other things do I missed?

And this would work IF the shell is ksh (AIX), what if the shell is
csh, or bash? What I would like is to "pass" to shell (normal
behavior) after the script test some stuff.

My goal: use comment in the the gecos of the user that "defines" what
type of user. Depending of the "definition" (batch user, interactive
user, etc), he can or he cannot do shell, sftp, etc.

The other way would be to use "Match" directive, but that would imply
managing groups for users, which is a "big task" (decentralized
security rigth now). gecos comment is already in place.

Any help appreciated.

Re: ForceCommand: starting a shell

Quoted text here. Click to load it

You probably need to exec the shell in such a way that you pass in
an argv[0] that starts with a minus sign. That indicates to the
shell that it's being run as a login shell, which should cause it to
run .profile or .bash_profile or .login or whatever is appropriate
for that shell.
Simon Tatham         "The distinction between the enlightened and the

Site Timeline