Re: How to stop remote commands and allow ONLY interactive login sessions?

On Jun 26, 8:20 am, Simon Tatham <ana...@xxxxxxxxx> wrote:
BenRussoUSA  <> wrote:
Is there any way for OpenSSHD to allow interactive logins, but disable
remote commands?  I want users to be allowed to login and
interactively use a shell.
But I don't want them to be able to fire and forget a command.

Even if there was a way to conveniently do this (e.g. hack OpenSSH
so as to disable the "exec" request while still permitting "shell",
or set the user's shell to a program which execs the real shell if
invoked with no arguments but bombs out if passed '-c'), what would
it gain you? A user who wanted to automate a command on such a
system would only have to wrap an interactive ssh login with a
program such as expect(1), and they'd be able to run anything as an
automated job that they could do at the interactive shell prompt.
Simon Tatham         "What a caterpillar calls the end of the
<ana...@xxxxxxxxx>    world, a human calls a butterfly."

Oh, I can see why he'd want it. The ability to fire off tasks
remotely, without an interactive session, means that any SSH key or
'expect with password' tool can fire off dozens, hundreds, even
thousands of SSH tasks without any accomponaying user to yell at,
sending unattended jobs from anywhere the sessions are expected from.
I've seen just this sort of thing from badly written remote task
scripts, or worse yet monitoring scripts. (Don't get me started on
Sitescope's use of SSH right now. Just.... don't.)