[SunHELP] SSH gateway
Jan Johansson
sunhelp at sunhelp.org
Wed Apr 18 02:05:42 CDT 2001
On Tue, Apr 17, 2001 at 06:45:49PM -0400, Dale Ghent wrote:
>if you want them to telnet out after SSH'ing in, just make the users'
>shell /usr/bin/telnet
>
>They'll SSh in, then get a telnet prompt.
Do not trust this without hacking your telnet binary. Why?
nemesis$ telnet
telnet> !echo foo
foo
telnet> !
nemesis$ exit
telnet> !/bin/ksh
nemesis$ exit
telnet> quit
nemesis$
>If you want them to ssh out, a simple shell script can be made that, when
>used as the user's shell (like in the above telnet example), it prompts
>for the user to input a username/hostname combo, and that execs ssh with
>the propper options.
It is extreamly difficult to keep users in a shell script, you
need to trap all ^C, ^D, ^Z and such like.
Suggestion would be a real homemade binary. But still, many
programs you call will have a "!" function.
More information about the SunHELP
mailing list