Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Restricted (ksh -r) shell and SSH on AIX5.1

from [Mike Wodei] Network Security [Permanent Link]
Subject: RE: Restricted (ksh -r) shell and SSH on AIX5.1
Date: Wed, 21 Nov 2007 12:16:42 -0700 

 rksh is available on AIX 5.x, and it works fine with ssh and scp, however
it does not allow you to cd (including subdirectories) and doe not allow you
to run a command with a leading "/", so you can not spawn the sftp process.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Jeremy C. Reed
Sent: Tuesday, November 20, 2007 11:03 AM
To: Rob Sherry
Cc: secureshell@securityfocus.com; secureshell-return-9680@securityfocus.com
Subject: Re: Restricted (ksh -r) shell and SSH on AIX5.1


Set user's shell to /usr/bin/ksh -r)

Now, every time he tries to log in via either ssh *or* sftp, I get the 
following showing up in the syslog:

Nov 19 10:21:09 hostname sshd[811106]: User bogus not allowed because 
shell /usr/bin/ksh -r is not executable


It is literally with a space and -r. You don't use command line arguments in
the passwd(5) file.


Anyone have any ideas? Am I missing something stupidly simple? (and 
yes, /usr/bin/ksh *is* executable)


ls -l "/usr/bin/ksh -r"

Maybe you can make a script rksh that runs ksh -r. Some systems already have
a rksh for restricted ksh. (Check if you already have rksh.)
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Defering passphrase entry with ssh-add, Hari Sekhon
Next by Date:  Re: Restricted (ksh -r) shell and SSH on AIX5.1, lonely wolf
Previous by Thread:  Re: Restricted (ksh -r) shell and SSH on AIX5.1, Jeremy C. Reed
Next by Thread:  Re: Restricted (ksh -r) shell and SSH on AIX5.1, lonely wolf
Indexes:  [Date] [Thread] [Top] [All Lists]