Quantcast

how to make sshd start a shell other than bash when I log in?

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

how to make sshd start a shell other than bash when I log in?

Andrew Schulman
My regular shell is fish. To make local terminals run fish instead of bash when
I start them, I set

SHELL=/usr/bin/fish

in my desktop environment. This works fine: I start MinTTY, and fish starts.

But when I log into that same host by sshd, bash starts, not fish (since sshd
doesn't have access to my desktop environment variables). How can I configure
either my ssh client or the ssh server to start fish instead of bash?

On a Linux host, sshd will start the user's default shell, as recorded in
/etc/passwd and set by chsh. But in Cygwin we don't have those.

On the client I know I could run e.g.

ssh host /usr/bin/fish --login

but I don't want to have to do that every time, and there doesn't seem to be a
way to set it in ssh_config.

Thanks,
Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

L A Walsh
Andrew Schulman wrote:
> But when I log into that same host by sshd, bash starts...
>  
Have you tried changing your shell
(chsh if it is on your system, otherwise edit /etc/passwd
and change the shell for your username).

andrews:x:1001:545:A.S.:/home/andrews:/bin/fish
                                          ^^^

You will need to make sure the shell is listed
in the allowed shells file (/etc/shells).

Not sure what would be best if you don't
have a /etc/passwd... (I might add one, but
someone else may know a better way).









--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Brian Inglis
On 2017-04-06 20:08, L A Walsh wrote:

> Andrew Schulman wrote:
>> But when I log into that same host by sshd, bash starts...
> Have you tried changing your shell
> (chsh if it is on your system, otherwise edit /etc/passwd
> and change the shell for your username).
> andrews:x:1001:545:A.S.:/home/andrews:/bin/fish
> You will need to make sure the shell is listed
> in the allowed shells file (/etc/shells).
> Not sure what would be best if you don't
> have a /etc/passwd... (I might add one, but
> someone else may know a better way).

Under ssh(1) ENVIRONMENT:
"Additionally, ssh reads ~/.ssh/environment, and adds lines of the
format “VARNAME=value” to the environment if the file exists and
users are allowed to change their environment. For more information,
see the PermitUserEnvironment option in sshd_config(5)."
which says:
"PermitUserEnvironment
Specifies whether ~/.ssh/environment and environment= options in
~/.ssh/authorized_keys are processed by sshd(8). The default is no."
In sshd(8) under AUTHORIZED_KEYS FILE FORMAT:
"environment="NAME=value"
Specifies that the string is to be added to the environment when
logging in using this key. Environment variables set this way
override other default environment values. Multiple options of this
type are permitted. Environment processing is disabled by default and
is controlled via the PermitUserEnvironment option."

Set /etc/sshd_config PermitUserEnvironment=yes then try adding in
~/.ssh/authorized_keys on the same line before your remote host key:
        environment="SHELL=/bin/fish"
followed by a space before the key type, or add to ~/.ssh/environment
so it will apply to all remote host connections:
        SHELL=/bin/fish
and ensure those files have only user rw permissions as usual with ssh.

--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Andrew Schulman
> On 2017-04-06 20:08, L A Walsh wrote:
> > Andrew Schulman wrote:
> >> But when I log into that same host by sshd, bash starts...
> > Have you tried changing your shell
> > (chsh if it is on your system, otherwise edit /etc/passwd
> > and change the shell for your username).
> > andrews:x:1001:545:A.S.:/home/andrews:/bin/fish
> > You will need to make sure the shell is listed
> > in the allowed shells file (/etc/shells).
> > Not sure what would be best if you don't
> > have a /etc/passwd... (I might add one, but
> > someone else may know a better way).
>
> Under ssh(1) ENVIRONMENT:
> "Additionally, ssh reads ~/.ssh/environment, and adds lines of the
> format “VARNAME=value” to the environment if the file exists and
> users are allowed to change their environment. For more information,
> see the PermitUserEnvironment option in sshd_config(5)."
> which says:
> "PermitUserEnvironment
> Specifies whether ~/.ssh/environment and environment= options in
> ~/.ssh/authorized_keys are processed by sshd(8). The default is no."
> In sshd(8) under AUTHORIZED_KEYS FILE FORMAT:
> "environment="NAME=value"
> Specifies that the string is to be added to the environment when
> logging in using this key. Environment variables set this way
> override other default environment values. Multiple options of this
> type are permitted. Environment processing is disabled by default and
> is controlled via the PermitUserEnvironment option."
>
> Set /etc/sshd_config PermitUserEnvironment=yes then try adding in
> ~/.ssh/authorized_keys on the same line before your remote host key:
> environment="SHELL=/bin/fish"
> followed by a space before the key type, or add to ~/.ssh/environment
> so it will apply to all remote host connections:
> SHELL=/bin/fish
> and ensure those files have only user rw permissions as usual with ssh.

Thanks y'all. It turns out that setting SHELL in ~/.ssh/environment doesn't
work, nor does setting it in the key command. But setting

command="/usr/bin/fish --login" ssh-rsa ...

in authorized_keys does work.

Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Brian Inglis
On 2017-04-08 17:22, Andrew Schulman wrote:
> It turns out that setting SHELL in ~/.ssh/environment doesn't work,
> nor does setting it in the key command. But setting
> command="/usr/bin/fish --login" ssh-rsa ...
> in authorized_keys does work.

Thanks for figuring this out -- it's a keeper!

--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Andrew Schulman
In reply to this post by Andrew Schulman
> It turns out that setting SHELL in ~/.ssh/environment doesn't
> work, nor does setting it in the key command. But setting
>
> command="/usr/bin/fish --login" ssh-rsa ...
>
> in authorized_keys does work.

Problem with that of course is that it only allows you to run login shells, even
if you're trying to run non-interactive remote commands. I guess you could use a
different ssh key for those, but that's a bit of a pain.

The compromise I finally settled on was just to put

exec /usr/bin/fish --login

in ~/.bash_profile.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Thorsten Kampe
In reply to this post by Andrew Schulman
* Andrew Schulman (Thu, 06 Apr 2017 21:22:38 -0400)

>
> My regular shell is fish. To make local terminals run fish instead of bash when
> I start them, I set
>
> SHELL=/usr/bin/fish
>
> in my desktop environment. This works fine: I start MinTTY, and fish starts.
>
> But when I log into that same host by sshd, bash starts, not fish (since sshd
> doesn't have access to my desktop environment variables). How can I configure
> either my ssh client or the ssh server to start fish instead of bash?

I use db_shell in /etc/nsswitch.conf.

Thorsten


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Brian Inglis
On 2017-04-14 02:27, Thorsten Kampe wrote:

> * Andrew Schulman (Thu, 06 Apr 2017 21:22:38 -0400)
>> My regular shell is fish. To make local terminals run fish instead
>> of bash when I start them, I set
>> SHELL=/usr/bin/fish
>> in my desktop environment. This works fine: I start MinTTY, and
>> fish starts.
>> But when I log into that same host by sshd, bash starts, not fish
>> (since sshd doesn't have access to my desktop environment
>> variables). How can I configure either my ssh client or the ssh
>> server to start fish instead of bash?
> I use db_shell in /etc/nsswitch.conf.

How do you use db_shell, what do you set it to in /etc/nsswitch.conf,
do you set anything else, and how does this change the shell under ssh?
Please provide details and why you think this will work for the OP's issue.

--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Andrew Schulman
In reply to this post by Thorsten Kampe
> * Andrew Schulman (Thu, 06 Apr 2017 21:22:38 -0400)
> >
> > My regular shell is fish. To make local terminals run fish instead of bash when
> > I start them, I set
> >
> > SHELL=/usr/bin/fish
> >
> > in my desktop environment. This works fine: I start MinTTY, and fish starts.
> >
> > But when I log into that same host by sshd, bash starts, not fish (since sshd
> > doesn't have access to my desktop environment variables). How can I configure
> > either my ssh client or the ssh server to start fish instead of bash?
>
> I use db_shell in /etc/nsswitch.conf.

Hm. So this is documented in "The db_shell setting" at
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch. AFAICT, the
only useful option there for my purposes is to set

db_shell = /bin/fish

After restarting sshd, this does make fish my login shell. Of course, it makes
fish the login shell for every other user on the host too, but for single-user
hosts such as mine, that works fine. Thanks.

Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Andrew Schulman
> > * Andrew Schulman (Thu, 06 Apr 2017 21:22:38 -0400)
> > >
> > > My regular shell is fish. To make local terminals run fish instead of bash when
> > > I start them, I set
> > >
> > > SHELL=/usr/bin/fish
> > >
> > > in my desktop environment. This works fine: I start MinTTY, and fish starts.
> > >
> > > But when I log into that same host by sshd, bash starts, not fish (since sshd
> > > doesn't have access to my desktop environment variables). How can I configure
> > > either my ssh client or the ssh server to start fish instead of bash?
> >
> > I use db_shell in /etc/nsswitch.conf.
>
> Hm. So this is documented in "The db_shell setting" at
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch. AFAICT, the
> only useful option there for my purposes is to set
>
> db_shell = /bin/fish
>
> After restarting sshd, this does make fish my login shell. Of course, it makes
> fish the login shell for every other user on the host too, but for single-user
> hosts such as mine, that works fine. Thanks.

Reading further on in the docs, to set the shell independently for different
users, in /etc/nsswitch.conf set

db_shell = desc

Then in an administrative shell, run e.g.

net user andrew /comment:'<cygwin shell="/bin/fish"/>'

Then restart sshd. Annoying that it has to be done administratively, but anyway
it works. Again thanks.

Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: how to make sshd start a shell other than bash when I log in?

Gluszczak, Glenn-2
In reply to this post by Andrew Schulman

Odd.  To change to csh with sshd I have /bin/tcsh in /etc/passwd.
I then wanted to automatically switch to CMD so I tried /cygdrive/c/.../cmd.exe but I was getting extra newlines from cmd.
I ended up switching to tcsh in /etc/passwd and using a .login containing

exec cmd /q

to stop the newlines.  

Perhaps you can try a .profile with an exec to fish?


---------------------------------
Hm. So this is documented in "The db_shell setting" at https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch. AFAICT, the only useful option there for my purposes is to set

db_shell = /bin/fish

After restarting sshd, this does make fish my login shell. Of course, it makes fish the login shell for every other user on the host too, but for single-user hosts such as mine, that works fine. Thanks.

Andrew


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: how to make sshd start a shell other than bash when I log in?

Andrew Schulman
> Perhaps you can try a .profile with an exec to fish?

Yes, that also works.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Loading...