SSH tty allocation

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


If you use chrsh to allow users shell access and use SSH, please be
aware that some versions of the SSH server can permit the remote user
to bypass their local shell setting ("ssh -l username -t hostname
/bin/sh") and still get access to a shell that is NOT chrooted. This
problem does NOT affect all users of SSH. Additionally, keep in mind
that SSH may also permit the user to use IP forwarding, enabling the
user to act as if he/she were connecting FROM the server where SSH
resides, or even operate IP services that get forwarded to the user's

How do I disable this function in ssh? Would it have any side affects?


Site Timeline