HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=25)
-   -   Jailkit + SSH_ORIGINAL_COMMAND (http://www.howtoforge.com/forums/showthread.php?t=61869)

stef70 17th May 2013 13:27

Jailkit + SSH_ORIGINAL_COMMAND
 
I am hosted on a site that uses ispconfig.

I created a ssh account to host a rsync server. I am trying to secure the ssh connection as indicated in http://troy.jdmz.net/rsync/index.html :

(1) In ~/.ssh/authorized_keys, prefix the ssh key with command="/home/bob/zzzzz.sh"
(2) In the script /home/bob/zzzzz.sh , filter the connection according to the environment variable SSH_ORIGINAL_COMMAND as shown on the above page.

The problem is that the ssh connection does not provide the environment variable SSH_ORIGINAL_COMMAND when the ssh user is chrooted with Jailkit.

I suspect that jailkit is filtering the environment variable. This is probably not a ssh server issue since the environment variable is there when the account is not chrooted.

I would appreciate some advices before I contact the site administrator (ideally with the solution)

To reproduce the problem:

(a) create a ssh user with a jailkit chroot

(b) prepend command="/bin/bash" to its ssh public key:
command="/bin/bash" ssh-rsa AAAAB3NzaC1yc2EAAAADAQ...

(c) log with 'ssh SERVER xxxxxx'
that should trigger a bash shell without a prompt

(d) list all environment variables with the bash command 'set'.
SSH_ORIGINAL_COMMAND should be xxxxxx but it is unset


All times are GMT +2. The time now is 12:59.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.