Date:      Mon, 5 Mar 2001 13:09:03 -0800
From:      Kris Kennaway <kris@obsecurity.org>
To:        Thomas Vogt <turbo23@gmx.net>
Cc:        freebsd-security@FreeBSD.ORG, kris@obsecurity.org
Subject:   Re: ssh tricks (was Re: ssh -t <host> /bin/sh trick (was Re: ftp access)
Message-ID:  <20010305130902.A85196@mollari.cthul.hu>
In-Reply-To: <22165.983794375@www37.gmx.net>; from turbo23@gmx.net on Mon, Mar 05, 2001 at 01:12:55PM +0100
References:  <22165.983794375@www37.gmx.net>

On Mon, Mar 05, 2001 at 01:12:55PM +0100, Thomas Vogt wrote:
> On Wed, Feb 28, 2001 at 06:36:08PM +0100, Torbjorn Kristoffersen wrote:
> >> Since the topic is 'ssh tricks', here's one that works with all
> >> versions of SSH I've used (openssh 2.3.0 as well):
> >>
> >> home$ ssh -l username site /bin/sh -i
>
> >This is actually an old rsh trick in new clothes :-)
>
> >Kris
>
> And what exactly does this mean? Is it dangerous to have an interactive
> shell? I see that -i brings an interactive shell up. But I can't get the point.
> Sorry. Perhaps you can explain this to me in a few words.
> thnx

It means exactly what's been said in previous messages: running sh -i
or csh -i or whatever will cause the person to not show up in 'w'
listings and so forth.  It's not a security risk unless the admin
forgets or doesn't know that people can be running commands when "not
logged in".

Kris
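
Added example, not part of the original message or of any FreeBSD code: one way an admin can spot the situation described above, by listing processes whose owner has no entry in `who`. It assumes saved output of `who` and `ps -axo user,pid,tt,command`; the function names, the `SYSTEM_USERS` list and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: list processes owned by users who have no utmp entry,
# i.e. who run commands while absent from who(1)/w(1) output.

# Accounts expected to own processes without a login session.
# Assumed list for illustration; adjust per host.
SYSTEM_USERS="root daemon nobody www smmsp"

# unlisted_procs WHO_FILE PS_FILE
#   WHO_FILE: saved output of `who`
#   PS_FILE:  saved output of `ps -axo user,pid,tt,command`
# Prints "user pid tty command" for each process whose owner is neither
# listed by who nor a known system account.
unlisted_procs() {
    awk -v sys="$SYSTEM_USERS" '
        BEGIN { n = split(sys, s, " "); for (i = 1; i <= n; i++) skip[s[i]] = 1 }
        # FILENAME test (not NR == FNR) stays correct when who output is empty.
        FILENAME == ARGV[1] { logged_in[$1] = 1; next }
        FNR == 1 && $1 == "USER" { next }          # ps header line
        !($1 in logged_in) && !($1 in skip) {
            cmd = $4
            for (i = 5; i <= NF; i++) cmd = cmd " " $i
            print $1, $2, $3, cmd
        }
    ' "$1" "$2"
}

# Run the check on constructed sample data (not real host output).
sample_report() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/who" <<'EOF'
alice    ttyp0    Mar  5 12:40 (192.0.2.10)
EOF
    cat > "$dir/ps" <<'EOF'
USER   PID TT COMMAND
root   101 -  /usr/sbin/sshd
alice  230 p0 -csh (csh)
bob    412 -  /bin/sh -i
bob    415 -  ls -l /tmp
EOF
    unlisted_procs "$dir/who" "$dir/ps"
    rm -rf "$dir"
}
```

In the sample, `bob` owns a shell with no controlling terminal and does not appear in the `who` data, so both of his processes are reported.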
