Hi Miquel, i don`t know if you want to do this for security, or just for easing youre work. But as this is a Security list, i have a little hint for you. ;-) If the Program, used as login Shell, is a Shellscript, then there is nearly always the possibility to break the script and fallback to the executing shell. Think of an exception or simply an executed vi. Remark: You can often get around exceptions using the trap command. But it`s often better using a binary, doing exactly the job you want to be done. Just my 2 ct/eur. ;-) Dirk Miguel ALBUQUERQUE wrote:
Option 1 works wonderfully !
Thank you all ;-)
Miguel Albuquerque Network Administrator
CODaLIS SA
Chemin de Trèfle-Blanc 18 1228 Plan-Les-Ouates / CH
TEL : +41 22 827 30 80 FAX : +41 22 827 30 33 http://www.codalis.ch
DISCLAIMER - This message is intended for the use of the named person only. The information contained in this E-mail is confidential and any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited. This message does not represent a formal commitment by Codalis SA. Codalis SA is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
Polarizer <Polarizer@Codixx.Com> 24.11.2005 17:13
To suse-security@suse.com cc
Subject Re: [suse-security] Close all ssh sessions
Miguel ALBUQUERQUE schrieb:
Hi,
How can one force closing an open ssh session ? I want to disconnect a user right after executing a script no waiting for a timeout. Is that possible ?
I've 3 ideas
1st)
What about to replace the login shell in /etc/passwd with the script the user can invoke. If script is done user gets logged out :O)_
youruser:x:1000:1000::/var/tmp/:/bin/yourscript
2nd)
One can invoke a script via
ssh a.ip.addr.ess "command"
so if you can disable interactive sessions in sshd it will fulfill your requirements (Dunno how to accomplish that ad hoc)
3rd)
man bash
PPID The process ID of the shell's parent. This variable is readonly.
If one invokes a script this variable should contain the PID of the underlying bash. Just kill -9 $PPID in the of the script.
Hope that helps
the polarizer http://www.codixx.de/polarizer.html
-- xcldsc TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Richard Hofbauer kaufm. Geschäftsleitung: Rosa Igl-------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: miguel.albuquerque@codalis.ch, Polarizer@Codixx.Com, suse-security@suse.com # Dateianhänge: 0