From owner-freebsd-security Mon Mar 5 13: 9:12 2001 Delivered-To: freebsd-security@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-158.dsl.lsan03.pacbell.net [63.207.60.158]) by hub.freebsd.org (Postfix) with ESMTP id E50CA37B718 for ; Mon, 5 Mar 2001 13:09:03 -0800 (PST) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 2675E66E9B; Mon, 5 Mar 2001 13:09:03 -0800 (PST) Date: Mon, 5 Mar 2001 13:09:03 -0800 From: Kris Kennaway To: Thomas Vogt Cc: freebsd-security@FreeBSD.ORG, kris@obsecurity.org Subject: Re: ssh tricks (was Re: ssh -t /bin/sh trick (was Re: ftp access) Message-ID: <20010305130902.A85196@mollari.cthul.hu> References: <22165.983794375@www37.gmx.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="mP3DRpeJDSE+ciuQ" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <22165.983794375@www37.gmx.net>; from turbo23@gmx.net on Mon, Mar 05, 2001 at 01:12:55PM +0100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 05, 2001 at 01:12:55PM +0100, Thomas Vogt wrote: > On Wed, Feb 28, 2001 at 06:36:08PM +0100, Torbjorn Kristoffersen wrote: > >> Since the topic is 'ssh tricks', here's one that works with all > >> versions of SSH I've used (openssh 2.3.0 as well): > >>=3D20 > >> home$ ssh -l username site /bin/sh -i >=20 > >This is actually an old rsh trick in new clothes :-) >=20 > >Kris >=20 > An what exactly does this mean? Is it dangerous to have an interactive > shell? I see that -i brings an interactive shell up. But i can't get the = point. > sorry. perhaps you can explain me this in a few worths. > thnx It means exactly what's been said in previous messages: running sh -i or csh -i or whatever will cause the person to not show up in 'w' listings and so forth. It's not a security risk unless the admin forgets or doesn't know that people can be running commands when "not logged in" Kris --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6pABuWry0BWjoQKURAlc7AJ9A55YoRUSOc7R6s3Z3F8SgBJRRdgCg8mPo Khm7ULNwwRYbvmA/Jk/rcRE= =QdqO -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message