
Re: how to make Debian less fragile (long and philosophical)



By the way, so far as I know, that's an undocumented behavior of 
sshd that is really annoying. The manpage claims that the client 
"either requests a shell or execution of a command". So I suppose
technically it's allowed to invoke the shell and pass the command
via the -c argument, since "execution of a command" doesn't 
specifically mention a mechanism, but you really would expect 
it to just call exec().

You can verify that this is in fact what it does by creating a user
who has an "echoshell":

     #! /bin/sh
     # print whatever arguments sshd handed to the login shell
     # (expect "-c" followed by the requested command)
     echo "$@"

and then ssh commands at them. You'll see that your "echoshell" is 
in fact invoked, and gets passed the -c argument, followed by the 
command you asked for. 

This, combined with that documentation bug I logged against bash
a few weeks ago (it doesn't go interactive if it gets the -c
argument, even if it has a TTY, despite claims in the manpage
that it always goes interactive if it has a TTY), caused me an
enormous headache for a while, until I realized what was going on.

If sshd were fixed to use exec rather than invoking your shell, then
you could dispense with having a static root shell providing you 
promise to have another machine on the network with an ssh client
that is allowed to connect as root, and you are willing to move to 
a different machine to solve the problem, for the non-remote case
(since you will be unable to log in at the console).

I still think that's a bit of a hassle, so it's probably best to have
some user with a static shell; root being the obvious candidate (but
it could be a different user, and add to that a static su).

Justin




On Thu, Aug 19, 1999 at 11:53:25PM -0400, Justin Wells wrote:
> 
> Nope. ssh invokes the command you request by calling your shell, 
> with the '-c' argument, so if your shell is dynamically linked, sh 
> will fail to exec it, and your command (sash) won't get run.
> 
> I checked the man page, and fortunately sash does support the 
> standard -c argument, so setting your shell to sash would allow 
> this kind of login. You could also use ash, bash, csh, tcsh, zsh, 
> or anything else you liked--providing it was static. Since ash is 
> small and fairly standard, it's a good choice. The advantage of
> 'sash' is that we've all already agreed it should be there. 
> 
> Justin
> 
> 
> On Thu, Aug 19, 1999 at 11:20:00PM -0400, Steve Willer wrote:
> > 
> > On Thu, 19 Aug 1999, Justin Wells wrote:
> > 
> > > I think there are some unresolved issues that need to be decided:
> > > 
> > >    -- A way for root to get sash started, either from an existing
> > >       shell (presumably a static su) or from a login prompt, or 
> > >       via a linked and loaded sshd (which would not need to be static
> > 
> > If ssh is installed on a machine, I would think you would be able to
> > launch sash with "ssh somemachine /bin/sash". Perhaps you need -t, but it
> > should work. This would allow you to make use of sash at login without
> > setting it as anybody's shell.
> > 
> 
> 


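Added example (not part of this thread or of any Debian package): a Python script that checks the point the thread turns on, namely whether a candidate rescue shell (sash, ash, or whatever you set for root) is really statically linked. It reads the ELF program headers itself and looks for a PT_INTERP entry, because ldd works by loading the dynamic loader and so is exactly the tool you cannot trust once libc is broken. The build_elf64 helper and the sample images it produces are constructed for the test and are not real binaries; the default path /bin/sh is an assumption.

```python
"""Check whether a login shell is statically linked by reading its ELF headers.

A dynamically linked executable carries a PT_INTERP program header naming
the runtime loader (for example /lib64/ld-linux-x86-64.so.2); a static
one has no such entry. Parsing the headers directly avoids running ldd,
which itself depends on the dynamic loader.
"""
import struct
import sys
from typing import List, Optional, Tuple

ELF_MAGIC = b"\x7fELF"
PT_LOAD = 1
PT_INTERP = 3


def dynamic_interpreter(data: bytes) -> Optional[str]:
    """Return the PT_INTERP path of an ELF image, or None if it is static."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    end = "<" if ei_data == 1 else ">"      # EI_DATA: 1 = little-endian, 2 = big-endian
    if ei_class == 1:                       # ELF32 header layout
        (e_phoff,) = struct.unpack_from(end + "I", data, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
        # p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align
        phdr_fmt, off_idx, size_idx = end + "IIIIIIII", 1, 4
    elif ei_class == 2:                     # ELF64 header layout
        (e_phoff,) = struct.unpack_from(end + "Q", data, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
        # p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align
        phdr_fmt, off_idx, size_idx = end + "IIQQQQQQ", 2, 5
    else:
        raise ValueError("unknown ELF class %d" % ei_class)
    for i in range(e_phnum):
        fields = struct.unpack_from(phdr_fmt, data, e_phoff + i * e_phentsize)
        if fields[0] == PT_INTERP:
            p_offset, p_filesz = fields[off_idx], fields[size_idx]
            interp = data[p_offset:p_offset + p_filesz]
            return interp.rstrip(b"\0").decode("ascii", "replace")
    return None


def is_statically_linked(data: bytes) -> bool:
    """True when the image needs no runtime loader, i.e. has no PT_INTERP."""
    return dynamic_interpreter(data) is None


def check_shell(path: str) -> Tuple[str, bool, Optional[str]]:
    """Read a shell binary from disk; report (path, is_static, interpreter)."""
    with open(path, "rb") as f:
        data = f.read()
    interp = dynamic_interpreter(data)
    return path, interp is None, interp


def build_elf64(phdrs: List[Tuple[int, bytes]]) -> bytes:
    """Construct a minimal little-endian ELF64 image for testing (not a real binary).

    Each entry is (p_type, payload); the payload is appended after the
    headers and the program header's p_offset/p_filesz point at it.
    """
    ehsize, phentsize = 64, 56
    header = ELF_MAGIC + bytes([2, 1, 1, 0]) + b"\0" * 8   # ELF64, LSB, version 1
    header += struct.pack("<HHIQQQIHHHHHH",
                          2, 0x3E, 1, 0,        # ET_EXEC, x86-64, EV_CURRENT, e_entry
                          ehsize, 0, 0,         # e_phoff, e_shoff, e_flags
                          ehsize, phentsize, len(phdrs), 0, 0, 0)
    table, body = b"", b""
    data_start = ehsize + phentsize * len(phdrs)
    for p_type, payload in phdrs:
        p_offset = data_start + len(body)
        table += struct.pack("<IIQQQQQQ", p_type, 4, p_offset, 0, 0,
                             len(payload), len(payload), 1)
        body += payload
    return header + table + body


if __name__ == "__main__":
    # Usage: python check_static_shell.py /bin/sash /bin/sh ...
    for shell in sys.argv[1:] or ["/bin/sh"]:          # default path is an assumption
        path, static, interp = check_shell(shell)
        verdict = "static" if static else "DYNAMIC (needs %s)" % interp
        print("%s: %s" % (path, verdict))
```

Run it against every shell you intend to rely on for recovery; a shell that reports DYNAMIC will fail the `shell -c command` invocation sshd performs as soon as its loader or libc is unusable.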