Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: User name prompt with ssh

from [Jayson Anderson] Network Security [Permanent Link]
Subject: Re: User name prompt with ssh
Date: Thu, 01 Sep 2005 20:39:40 -0700 
Or, just write a tiny shell script that prompts for a username, reads
stdin into $variable then calls ssh -l "$variable" and exits; leaving
the ssh password prompt as the last step. Some small fixups may or may
not be necessary, nothing major. As long as the shell invoked by the
script matches the default user login shell, no environmental vars
should be sacrificed. 

Then inform the users of the proper command to use, or rename 'ssh' and
name the new script 'ssh', of course invoking the re-named ssh binary.
Lock down script access of course. Your user availability/exposure model
will define which path to take, but generally speaking the latter
'replace the binary' method is a really bad idea; anyone else clued that
may use the box will be pretty ticked when she discovers the ssh binary
has been replaced :) Still, if the users are horrendously inflexible
then it may be the only route. They do exist I know......

Else you must either use sudo, or provide a way for the user to login
locally prior to invoking ssh or even another way to invoke a
user-specific terminal from which to launch from; there is no other
low-profile workaround using the default openssh. You could always alter
the openssh source as well..

I learned something new, I didn't know putty was available for anything
but wintel. Time to peep that....

Good luck, 
Jayson


On Thu, 2005-09-01 at 17:34 +0200, Guillaume Vissian wrote:

Hello,

Under Unix system the openssh client use when it is not specified in the 
command line the local user login by default, if you want to have a 
login prompt you have to use another ssh client... you can get putty for 
sun solaris.

Regards,

Guillaume Vissian
PrÃsident de l'Association d'Audit de SÃcuritÃ
53, rue de Grenelle
75007 Paris

Baveystock.John@swm.de wrote:


Hello,

I am testing openssh on a Sun Solaris 8 workstation. The ssh and support 
packages were obtained from Sunfreeware.com.

I wish to login to our Cisco components which are using ssh and tacacs+ with 
the Cisco ACS server.
When I login from a Windows PC with Putty, I am promted for my user name, 
and then I can enter my password.

With the Sun workstaion I have to enter " ssh -l user-name IP-address" to 
login. As different users will use this Sun workstation, it is important 
that the user is promted for the user name. How can we achieve this?

Thanks

John Baveystock
SWM Services Energie und Wasser GmbH
Netzwerkmanagement - S-IP-TK-KS
Emmy-Noether Str. 2, Zi. C0.80
80287 MÃnchen
Tel.: 089/2361-4350
Mobil: 0172/8223043
Fax: 089/2361-2998
E-mail: baveystock.john@swm.de
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Multiple authorized_keys2 files or how to achieve same effect., Johan De Meersman
Next by Date:  Re: User name prompt with ssh, Johan De Meersman
Previous by Thread:  Re: User name prompt with ssh, Guillaume Vissian
Next by Thread:  Re: User name prompt with ssh, Johan De Meersman
Indexes:  [Date] [Thread] [Top] [All Lists]