[kwlug-disc] How to ... having ssh key connected ... ask for password, logout if fail?
Chris Irwin
chris at chrisirwin.ca
Thu Oct 6 11:47:38 EDT 2016
On Thu, Oct 06, 2016 at 11:20:05AM -0400, B. S. wrote:
>On 10/06/2016 11:11 AM, Chris Irwin wrote:
>>On Thu, Oct 06, 2016 at 09:00:18AM -0400, B. S. wrote:
>>>On 10/05/2016 05:06 PM, Bob Jonkman wrote:
>>>>
>>>>Perhaps you can ssh-with-certs into an unprivileged account, then from
>>>>there 'su username' into the real account to get things done. That'll
>>>>ask for a password...
>>>
>>>This appears to be the answer. Near the top of ~/.bashrc, not
>>>~/.ssh/rc, add:
>>
>>Note: This will not work unless .bashrc is sourced. The user could
>>simply run some other alternative command.
>
>Which it is.
Unless the user changes their /bin/.bashrc, or runs `chsh` to change
their shell to zsh
>My testing indicates a correct solution in all cases I could think of.
Did you try CTRL+C on the password prompt?
$ ssh localhost
Enter passphrase for key '/home/cirwin/.ssh/id_rsa':
Last login: Thu Oct 6 11:34:52 2016 from 172.16.42.114
SSH_CONNECTION is '::1 57986 ::1 22'
SSH CONNECTION, foreign, DETECTED: Calling su.
Password: -bash-4.3$
-bash-4.3$ env | grep SSH_CLIENT
SSH_CLIENT=172.16.42.114 41156 22
--
Chris Irwin
email: chris at chrisirwin.ca
xmpp: chris at chrisirwin.ca
web: https://chrisirwin.ca
More information about the kwlug-disc
mailing list