SSH and restricted shell

**elovkoff** · 03-20-2003, 02:51 PM

I'vbe created a restricted shell for the user on teh RH7.2 box in order for remote admins to log in and to be presented only with menu to check NTP status.
I can login as that user locally (or loging as root and then su to that user), all using SSH.
But when I try to SSH to that box and use the user that has restricted shell, then I cannot login (ssh authentication fails)

User in question was created like that ' useradd ntpuser -s /bin/ntpshell

Any ideas why this is happening?

Thank you.

**Schotty** · 03-21-2003, 04:22 AM

hmm, I am presuming that you created a custom shell environment, right? I mean there, a command that is run instead of /bin/bash . Well I would try looking at the logs and see what exactly is causing it to barf out.

**elovkoff** · 03-21-2003, 02:21 PM

I started telnet server on the same box and I was able to telnet to it with the username and get restricted shell, I cannot do it using SSH. (but I can ssh as root)
Nothing in the logs besides 'sesison opened for <username>, session closed for <username>

???

**Schotty** · 03-21-2003, 05:52 PM

check your configuration for sshd then.

**elovkoff** · 03-21-2003, 06:01 PM

What should I be looking for?

**elovkoff** · 03-22-2003, 12:23 AM

I've tried to ssh from the other box and I could, so I guess the problem is with my own box, BUT:
From my box I can login as root, but cannot login as regular user, is there anything in SSH that remembers that i've logged it from specific workstation as root and it doesn't allow to swith user?
(It's a stupid suggection, but I don't know what ot think...)

**elovkoff** · 03-22-2003, 12:28 AM

The problem was with Terminal Emulation I use - secureCRT, you should switch the username in the profile, if you do that on the fly in the login box it doesn't work, geez, and SecureCRT is a commercial product.
Sorry I've wasted your time on this. :-\

**Schotty** · 03-24-2003, 06:57 PM

[quote author=elovkoff link=board=1;threadid=6638;start=0#62520 date=1048292918]
Sorry I've wasted your time on this. :-\
[/quote]

Hehe, dont worry -- I am unemployed -- I have lotsa time ;D

**datamike** · 03-26-2003, 09:17 PM

Hey Andrew, do you live near Massachusetts? We are going to be hireing another UNIX/Linux admin soon. I can get you in here, no prob.

**Schotty** · 03-26-2003, 11:12 PM

Hehe, unfortunately no. Milwaukee ;D

And I would take you up on the offer if I had the $$$ to move.

Thanks for the consideration ;D

BTW you did get my email right?