[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-unix-dev
Subject: Re: openssh interface
From: Nico Kadel-Garcia <nkadel () gmail ! com>
Date: 2019-05-24 8:13:24
Message-ID: CAOCN9rxrijav4Y-ReGQ_M71YFdmN=WSJkXX55u91Qv+YFL9ibQ () mail ! gmail ! com
[Download RAW message or body]
On Thu, May 23, 2019 at 10:07 AM Gorka Lendrino Vela
<gjlendrino.box@gmail.com> wrote:
>
> Shutdown a database is only an example.
> My question is if there is any interface provided by the openssh server to
> add new functionality or call a dynamic library that implements this
> functionality?
Intercepting the shell commands being passed to the remote server is
pretty nasty. It's like putting a chip in a keyboard that detects
certain words being typed and does something else. It's potentially
quite nefarious, intercepting a normal SSH initiated shell and passing
distinct commands. SSH *should not* be pulling stunts like that, it's
begging for abuse and for errors.
The "ForceCommand" can be used for ssh keys, or for particular SSH
commands, to do defined actions. And there are tools like the old
"rssh" shell that provided restricted shells for particular users,
shells that had only particular commands available. Would either of
those serve?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic