Re: User name prompt with ssh
From: Jayson Anderson (sonick_at_sonick.com)
Date: 09/02/05
- Previous message: James Thomas Richardson: "Port Forwarding from different local addresses"
- In reply to: Guillaume Vissian: "Re: User name prompt with ssh"
- Next in thread: Mark Senior: "RE: User name prompt with ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: secureshell@securityfocus.com Date: Thu, 01 Sep 2005 20:39:40 -0700
Or, just write a tiny shell script that prompts for a username, reads
stdin into $variable then calls ssh -l "$variable" and exits; leaving
the ssh password prompt as the last step. Some small fixups may or may
not be necessary, nothing major. As long as the shell invoked by the
script matches the default user login shell, no environmental vars
should be sacrificed.
Then inform the users of the proper command to use, or rename 'ssh' and
name the new script 'ssh', of course invoking the re-named ssh binary.
Lock down script access of course. Your user availability/exposure model
will define which path to take, but generally speaking the latter
'replace the binary' method is a really bad idea; anyone else clued that
may use the box will be pretty ticked when she discovers the ssh binary
has been replaced :) Still, if the users are horrendously inflexible
then it may be the only route. They do exist I know......
Else you must either use sudo, or provide a way for the user to login
locally prior to invoking ssh or even another way to invoke a
user-specific terminal from which to launch from; there is no other
low-profile workaround using the default openssh. You could always alter
the openssh source as well..
I learned something new, I didn't know putty was available for anything
but wintel. Time to peep that....
Good luck,
Jayson
On Thu, 2005-09-01 at 17:34 +0200, Guillaume Vissian wrote:
> Hello,
>
> Under Unix system the openssh client use when it is not specified in the
> command line the local user login by default, if you want to have a
> login prompt you have to use another ssh client... you can get putty for
> sun solaris.
>
> Regards,
>
> Guillaume Vissian
> Président de l'Association d'Audit de Sécurité
> 53, rue de Grenelle
> 75007 Paris
>
> Baveystock.John@swm.de wrote:
>
> >Hello,
> >
> >I am testing openssh on a Sun Solaris 8 workstation. The ssh and support packages were obtained from Sunfreeware.com.
> >
> >I wish to login to our Cisco components which are using ssh and tacacs+ with the Cisco ACS server.
> >When I login from a Windows PC with Putty, I am promted for my user name, and then I can enter my password.
> >
> >With the Sun workstaion I have to enter " ssh -l user-name IP-address" to login. As different users will use this Sun workstation, it is important that the user is promted for the user name. How can we achieve this?
> >
> >Thanks
> >
> >John Baveystock
> >SWM Services Energie und Wasser GmbH
> >Netzwerkmanagement - S-IP-TK-KS
> >Emmy-Noether Str. 2, Zi. C0.80
> >80287 München
> >Tel.: 089/2361-4350
> >Mobil: 0172/8223043
> >Fax: 089/2361-2998
> >E-mail: baveystock.john@swm.de
> >
> >
> >
> >
- Previous message: James Thomas Richardson: "Port Forwarding from different local addresses"
- In reply to: Guillaume Vissian: "Re: User name prompt with ssh"
- Next in thread: Mark Senior: "RE: User name prompt with ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
