Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Mike Packard
May 7, 2004, 3:04 am
rate this thread
I am running FreeBSD with a jail to allow users to log in to my server.
The server is behind a firewall and has a nonroutable internal ip
address. Now, I am using NAT on the jail and the server and my gateway
has the outside address. This outside address is all that I present to
the users even after they log in. I have not permitted them to gleam
any information about my network structure except for one piece of
information. When log in with ssh, the environment variable
SSH_CONNECTION has the jail's true internal address.
Here's my question. Is there anything I can do on the server to change
or stop this environment variable from being set?
Re: Unsetting ssh_connection
If you set 'PermitUserEnvironment yes' in sshd_config, you can put
into $HOME/.ssh/environment to clear out the contents of the variable (I
don't think there is a way to unset it). Of course this can be removed
by the user if he can write to his home directory... A better way might
be to have a special shell, basically a wrapper that clears out any
unwanted environment variables before exec'ing the real one. Or just not
worry about it...
- » Meaning of the cookie part of the Key exchange init message ??????
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum