
BLU Discuss list archive



allowing scp but not ssh (here's how)



On Fri, Jul 26, 2002 at 10:15:29AM -0400, Scott Prive wrote:
> 3) Attempt remote ssh login
> Administrator at PRIVES ~/temp-area
> $ ssh qatest at tower15
> qatest at tower15's password:
> 
> We're sorry, but you do not have shell access to this machine.
> Please contact the system administrator for support.
> 
> Connection to tower15 closed.
> 
> Administrator at PRIVES ~/temp-area
> $
> %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
> 
> 
> Did I miss something Alex, or does your circumvention method perhaps not work with rbash as the shell?

I don't have enough information to recreate your setup exactly. In
particular, rbash by itself doesn't issue the message, "We're sorry,
but you do not have shell access to this machine. Please contact the
system administrator for support," so your rbash may be modified.

Stock rbash reads its initialization files, then prevents people from
running programs outside their path or using cd to change
directories. Normally you would populate ~/bin/ with symlinks to the
binaries you want the user to use, and use ~/.bash_profile to force
~/bin/ to be the user's PATH. This fails if the user can copy files to
~ or ~/bin/, since they can reset ~/.bash_profile or add executables to
~/bin/.
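
An added example, not part of the original message: a shell audit of the rbash layout described above, flagging the conditions under which the account could replace ~/.bash_profile or add executables to ~/bin/. The function name `audit_rbash_home` and the finding labels are hypothetical; it assumes a `find` that supports `-maxdepth` and conservatively treats any group or world write bit as a finding.

```shell
#!/bin/sh
# Added example: audit a restricted-shell (rbash) account's home directory.
# Prints one line per finding; returns non-zero if anything was found.
# Usage: audit_rbash_home HOME_DIR USER_OR_UID
audit_rbash_home() {
    home=$1 user=$2 findings=0
    # Paths that decide what rbash will run: the home directory itself (a
    # writable directory lets entries in it be replaced), the forced PATH
    # directory, and the startup files bash reads before restricting.
    for p in "$home" "$home/bin" "$home/.bash_profile" "$home/.bash_login" \
             "$home/.profile" "$home/.bashrc"; do
        [ -e "$p" ] || continue
        # Owner can always chmod and rewrite, so ownership alone is a finding.
        if [ -n "$(find "$p" -maxdepth 0 -user "$user" 2>/dev/null)" ]; then
            echo "OWNED-BY-USER $p"
            findings=$((findings + 1))
        fi
        # Symlink mode bits are meaningless, so skip them for this check.
        if [ -n "$(find "$p" -maxdepth 0 ! -type l \
                   \( -perm -020 -o -perm -002 \) 2>/dev/null)" ]; then
            echo "GROUP-OR-WORLD-WRITABLE $p"
            findings=$((findings + 1))
        fi
    done
    # ~/bin should hold only admin-placed symlinks; a regular file there
    # suggests something was copied in (for example over scp).
    if [ -d "$home/bin" ]; then
        for f in "$home/bin"/*; do
            [ -e "$f" ] || [ -L "$f" ] || continue   # empty dir: glob unmatched
            if [ ! -L "$f" ]; then
                echo "NOT-A-SYMLINK $f"
                findings=$((findings + 1))
            fi
        done
    fi
    [ "$findings" -eq 0 ]
}

# Run against a real account when called with arguments, e.g.
#   sh audit.sh /home/qatest qatest
if [ "$#" -eq 2 ]; then
    audit_rbash_home "$1" "$2"
fi
```

A clean result requires the home directory, ~/bin/ and the startup files to be owned by another account (typically root) and not group- or world-writable.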




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org