I've develop an interactive shell script, where my users will perform a few operations. I've create a user that runs this scripts automatically on startup.
Startup script ./.bash_login
-------------------------------
/scripts/interactive_shell.py
exit
This script performs correctly my interest, it runs my python interactive script, and when I kill my script, it runs exit and finish my connection.
The security problem appears when I'm connecting using my private key with something like this
ssh [email protected] -i security_key '/bin/bash'
It runs bash shell and I can get something I don't want control over the machine.
My question is, is it possible to change the shell at /etc/passwd to my script or It's preferable to jailroot this user?
Thanks!
I've tried to change the /etc/passwd file to something like this
It works! and if you try to execute some kind of code I'll get this:
I soupose this is 100% secure, but it's you cannot run commands easilly.
I would check out rssh (the restricted shell).