| Summary: | Add support for a ForceShell sshd option | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Iain Morgan <imorgan> | ||||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||||
| Status: | NEW --- | ||||||||
| Severity: | enhancement | CC: | djm | ||||||
| Priority: | P5 | ||||||||
| Version: | -current | ||||||||
| Hardware: | All | ||||||||
| OS: | All | ||||||||
| Attachments: |
|
||||||||
Created attachment 2535 [details]
Updated patch
AFAIK it's possible to do this via ForceCommand already, as it receives the original command-line from the client as $SSH_ORIGINAL_COMMAND |
Created attachment 2207 [details] Add a ForceShell option to override the user's shell This patch adds a ForceShell option to sshd to override the user's shell. This can be used in a Match block to conditionally replace the user's shell with a restricted shell such as rksh, scponly or authpf. For example, Match Address !192.168.10.0/24 ForceShell /usr/sbin/authpf This provides more flexibility than merely changing the user's shell in the passwd file. It also makes it possible to override the shell when LDAP or NIS is used for user information.