09-01-2018
Quote:
Originally Posted by
d_brodie
I have an issue with all of my AIX servers where a user can execute a remote command (bash in this case) using PuTTY and bypass all of the application security that we setup in the users .profile. How do I secure this without breaking the rest of the users?
Sorry, but i don't understand: PuTTY is a SSH-client which i use myself. If the user can connect to a system and execute
bash -norc that means he has
1) identified himself to the system (by password, SSH-key, whatever)
2) has the right to execute whatever it is he executes
What exactly is breaking the security now? And, finally, if you don't want users to use bash why do you install it onto the system? AIX has Korn shell as the system default and you can either deinstall bash or disable its use as login shell in
/etc/security/login.cfg.
I hope this helps.
bakunin
This User Gave Thanks to bakunin For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Could anyone pls tell me what's the Putty KeepAlive command, use to prevent the putty disconnected from server.thanks (8 Replies)
Discussion started by: dannyd_y
8 Replies
2. SCO
Hi,
How to execute unix commands in remote unix servers?
Thanks,
Pintu (2 Replies)
Discussion started by: pintupatro
2 Replies
3. UNIX for Advanced & Expert Users
I am running Putty 0.60 from Windows XP and I am connecting to a Linux box.
I would like to be able to pass a command line parameter to my Linux session so that my Linux session can execute a specific command, depending on the command line parameter. I have looked on the Internet and tried... (1 Reply)
Discussion started by: SFNYC
1 Replies
4. Shell Programming and Scripting
Hey,
Task seems to be quite easy, but I'm still a bit green in shell scripting. I hope you can help me a bit. I have to run some simulation at the distance by remote terminal.
Normally when I'm working on the server directly I just type:
mpirun -np 8 compressibleInterFoam -parallel > log.txt... (7 Replies)
Discussion started by: PiPrus
7 Replies
5. UNIX for Dummies Questions & Answers
Hi all,
putty connection manager is great but when attempting to sudo or ssh to another box via the post login commands it is subject to issues due to network latency (what happens is that pcm enters the password before the unix box is ready to receive it). Is there any clever way I can make... (1 Reply)
Discussion started by: skinnygav
1 Replies
6. Red Hat
Hi, I am trying to update my site using putty. My server is in linux. I found few commands that help me to access and do few stuffs in the server. Please add additional command.
ls - to list files in a directory:
cd - change directory (navigate to some directory):
cp - copy a file:
mv - move... (5 Replies)
Discussion started by: khadkabirendra
5 Replies
7. Shell Programming and Scripting
I solved my issue by using the following code
#!/bin/bash
function GET_STATUS {
#values Active Passive Failed
ssh -a localhost '/home/user/fakecommand.sh'
}
STATE="unknown"
until ]
do
echo $STATE
sleep 5
STATUS=`GET_STATUS`
echo $STATUS | grep Active &&... (1 Reply)
Discussion started by: $scipt_Kid
1 Replies
8. UNIX for Dummies Questions & Answers
Hi,
Last 2 weeks I have searched many forums and i haven't found the answer for the question:
How to get all command output to Putty title?
Needed it for other programs to know when some jobs on a server is done and is it done right or wrong. Plink stdout and stdin wasn't working, i used many... (1 Reply)
Discussion started by: domagaj
1 Replies
9. Shell Programming and Scripting
Geeks,
Could you please help me out in my script and identify the missing piece. I need to check/get the exit status of a remote command executed on remote host through script and send out an email when process/processes is/are not running on any/all server(s).
Here's the complete... (5 Replies)
Discussion started by: lovesaikrishna
5 Replies
10. Shell Programming and Scripting
Hello i am having an issue with bash script and this is the code
now=$(cat hosts1.txt | awk '{print $2;}')
while read n ;do
ssh root@$now 'useradd test1; echo -e "test1\ntest1" | passwd test1 && echo "test1 ALL=(ALL:ALL) ALL" >> /etc/sudoers'
When i execute only part with cat, it... (8 Replies)
Discussion started by: tomislav91
8 Replies
plink(1) PuTTY tool suite plink(1)
NAME
plink - PuTTY link, command line network connection tool
SYNOPSIS
plink [options] [user@]host [command]
DESCRIPTION
plink is a network connection tool supporting several protocols.
OPTIONS
The command-line options supported by plink are:
-V Show version information and exit.
-pgpfp Display the fingerprints of the PuTTY PGP Master Keys and exit, to aid in verifying new files released by the PuTTY team.
-v Show verbose messages.
-load session
Load settings from saved session.
-ssh Force use of SSH protocol (default).
-telnet
Force use of Telnet protocol.
-rlogin
Force use of rlogin protocol.
-raw Force raw mode.
-serial
Force serial mode.
-P port
Connect to port port.
-l user
Set remote username to user.
-m path
Read remote command(s) from local file path.
-batch Disable interactive prompts.
-pw password
Set remote password to password. CAUTION: this will likely make the password visible to other users of the local machine (via com-
mands such as `w').
-L [srcaddr:]srcport:desthost:destport
Set up a local port forwarding: listen on srcport (or srcaddr:srcport if specified), and forward any connections over the SSH con-
nection to the destination address desthost:destport. Only works in SSH.
-R [srcaddr:]srcport:desthost:destport
Set up a remote port forwarding: ask the SSH server to listen on srcport (or srcaddr:srcport if specified), and to forward any con-
nections back over the SSH connection where the client will pass them on to the destination address desthost:destport. Only works in
SSH.
-D [srcaddr:]srcport
Set up dynamic port forwarding. The client listens on srcport (or srcaddr:srcport if specified), and implements a SOCKS server. So
you can point SOCKS-aware applications at this port and they will automatically use the SSH connection to tunnel all their connec-
tions. Only works in SSH.
-X Enable X11 forwarding.
-x Disable X11 forwarding (default).
-A Enable agent forwarding.
-a Disable agent forwarding (default).
-t Enable pty allocation (default if a command is NOT specified).
-T Disable pty allocation (default if a command is specified).
-1 Force use of SSH protocol version 1.
-2 Force use of SSH protocol version 2.
-C Enable SSH compression.
-i path
Private key file for authentication.
-s Remote command is SSH subsystem (SSH-2 only).
-N Don't start a remote command or shell at all (SSH-2 only).
-sercfg configuration-string
Specify the configuration parameters for the serial port, in -serial mode. configuration-string should be a comma-separated list of
configuration parameters as follows:
o Any single digit from 5 to 9 sets the number of data bits.
o `1', `1.5' or `2' sets the number of stop bits.
o Any other numeric string is interpreted as a baud rate.
o A single lower-case letter specifies the parity: `n' for none, `o' for odd, `e' for even, `m' for mark and `s' for space.
o A single upper-case letter specifies the flow control: `N' for none, `X' for XON/XOFF, `R' for RTS/CTS and `D' for DSR/DTR.
MORE INFORMATION
For more information on plink, it's probably best to go and look at the manual on the PuTTY web page:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
BUGS
This man page isn't terribly complete. See the above web link for better documentation.
PuTTY tool suite 2004-03-24 plink(1)