On ssh Login Mechanics
- From: Tim Daneliuk <tundra@xxxxxxxxxxxxxx>
- Date: 10 May 2006 16:43:51 EDT
(This may be as much a question about Unix login and process spawning mechanics as anything, but I discovered this in the course of doing some
ssh work, so ...)
I have an account on an internet-facing FreeBSD machine that is setup
primarily to be used when doing ssh port forwarding. This account
is setup to NOT permit shell access (the shell is setup to /sbin/nologin). Still, when I do this:
ssh -L port:address:port -N fowarding@xxxxxxxxxxxxxxxxxxxxxxxxxxx
The forwarding works fine. That is, ssh connects to the sshd daemon on
"freebsdmachine", authenticates using "forwarding"'s credentials, and
goes off to properly do the port:address:port forwarding *even though*
"forwarding" has no shell and it exits immediately after any login attempt.
So ... how in the world is this working at all? I'm guessing that the
connection to sshd precedes any login attempt. But I am mystified how,
having presented the credentials for "forwarding", the connection between ssh client and sshd remains in place, given that true login
is not taking place...
.
- Follow-Ups:
- Re: On ssh Login Mechanics
- From: Tim Daneliuk
- Re: On ssh Login Mechanics
- Prev by Date: rssh testing
- Next by Date: Re: On ssh Login Mechanics
- Previous by thread: rssh testing
- Next by thread: Re: On ssh Login Mechanics
- Index(es):
Relevant Pages
|
|
