Web lists-archives.com

Re: how to make sshd start a shell other than bash when I log in?




> On 2017-04-06 20:08, L A Walsh wrote:
> > Andrew Schulman wrote:
> >> But when I log into that same host by sshd, bash starts...
> > Have you tried changing your shell
> > (chsh if it is on your system, otherwise edit /etc/passwd
> > and change the shell for your username).
> > andrews:x:1001:545:A.S.:/home/andrews:/bin/fish
> > You will need to make sure the shell is listed
> > in the allowed shells file (/etc/shells).
> > Not sure what would be best if you don't
> > have a /etc/passwd... (I might add one, but
> > someone else may know a better way).
> 
> Under ssh(1) ENVIRONMENT:
> "Additionally, ssh reads ~/.ssh/environment, and adds lines of the
> format “VARNAME=value” to the environment if the file exists and
> users are allowed to change their environment. For more information,
> see the PermitUserEnvironment option in sshd_config(5)."
> which says:
> "PermitUserEnvironment
> Specifies whether ~/.ssh/environment and environment= options in
> ~/.ssh/authorized_keys are processed by sshd(8). The default is no."
> In sshd(8) under AUTHORIZED_KEYS FILE FORMAT:
> "environment="NAME=value"
> Specifies that the string is to be added to the environment when
> logging in using this key. Environment variables set this way
> override other default environment values. Multiple options of this
> type are permitted. Environment processing is disabled by default and
> is controlled via the PermitUserEnvironment option."
> 
> Set /etc/sshd_config PermitUserEnvironment=yes then try adding in 
> ~/.ssh/authorized_keys on the same line before your remote host key:
> 	environment="SHELL=/bin/fish"
> followed by a space before the key type, or add to ~/.ssh/environment 
> so it will apply to all remote host connections:
> 	SHELL=/bin/fish
> and ensure those files have only user rw permissions as usual with ssh.

Thanks y'all. It turns out that setting SHELL in ~/.ssh/environment doesn't
work, nor does setting it in the key command. But setting

command="/usr/bin/fish --login" ssh-rsa ...

in authorized_keys does work.

Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple