Force SSH to use a specific shell
Solution 1
I don't believe this is possible, at least with openssh-based systems. If you have the ability, a better solution might be to sftp up a shell-script file, and then execute it with the method you posted. It would have the advantage of minimizing the amount of escaping needed, but would leave a file behind that would have to be removed (perhaps as the last step of the script).
Solution 2
You can use the -t
option to force allocation of a pseudo-tty for the program you want to start, as if you were executing the standard shell. Then pass the shell you want as a plain old argument.
With this technique you're able to not only use any shell that's installed but you can also open vim and other programs which require a TTY, from a single command. Which is cool if you're writing a shell script that logs you in somewhere and opens a file on vim, or htop or something.
Here's bash
me@my-machine $ ssh root@myhost -t bash
root@myhost:~#
sh
works too. As does anything else really.
me@my-machine $ ssh root@myhost -t sh
#
Not sure whether this is a login shell but there's options to make bash act like a login shell, so your shell might have that too.
Solution 3
Use a heredoc:
ssh host.domain.com /bin/bash << EOF
big ugly commands
lots of them
EOF
Solution 4
Use key-based logins, not password-based. Then you can add a (list of) "forced command(s)" to your public ssh key (in the "options" field in case of SSH1) which is installed on the server (in ~/.ssh/authorized_keys file for SSH1, ~/.ssh2/authorization for SSH2).
Make your forced command so that your desired shell is called...
More: You can associate at most one forced command to a given key. If you require multiple forced commands for different purposes, you have to setup different keys. (Of course you can put multiple things into one script, which you call via forced command. But be aware that forced commands are always run for a given account/key if the user logs in, regardless if he asked for something different to run. If you want to still honor the original command asked for, have a look into how to exploit the $SSH_ORIGINAL_COMMAND
variable...)
Read up about "forced commands" via Google.
Solution 5
Surprisingly I see different results with the following:
run in dash:
ssh [email protected] /bin/bash -c "echo <(cat)"
sh: 1: Syntax error: "(" unexpected
vs bash:
ssh [email protected] '/bin/bash -c "echo <(cat)"'
/dev/fd/63
Showing the fully quoted command is working as expected.
Related videos on Youtube
plinehan
Updated on September 17, 2022Comments
-
plinehan almost 2 years
Is there any way to force SSH to use a particular shell on the remote end, regardless of what the user's default shell is?
I've tried solutions akin to:
ssh host.domain.com /bin/bash -c 'complicated, multi-line command'
but unfortunately the default shell on the remote end is responsible for parsing the "complicated, multi-line command" part, and I'm having difficulty escaping it sufficiently to work both for Bash and C shell users.
-
Weboide almost 14 yearsshouldn't you use "-s" for bash to read commands from stdin?
-
Ignacio Vazquez-Abrams almost 14 yearsIt isn't always required.
-
plinehan almost 14 yearsThis is what I eventually did, but using scp. A great idea.
-
plinehan almost 14 yearsGood stuff. That graphic on the O'Reilly page is very nice. In my particular case, however, I want to be able to force this for any users, not just users who have set up their keys correctly. I also don't have root on the server machines, so I can't edit files like
/etc/sshrc
. -
Kurt Pfeifle almost 14 yearsWell, it is always the server (or better: the one who exerts control over the server) who calls the shots when you connect to its service.... The 'owner' of the server decides what can be done with it. -- You cannot force anything 'for any user(s)' if you don't have higher privileges than them.
-
Eric Woodruff almost 10 yearsIf the client can run arbitrary commands then the client can run an arbitrary shell as a command too.
-
Eric Woodruff almost 10 yearsI would vote this down if I could because it prevents the commands from having access to stdin and the question was about invoking a particular shell.
-
Brian Vandenberg over 9 years@KurtPfeifle that link to O'Reilly is broken
-
Kurt Pfeifle over 9 years@BrianVandenberg: Thx for the hint. I removed that link now.
-
Charles Duffy about 7 years@EricWoodruff, ...invoking a particular shell (in this case bash) is exactly what this shows how to do.
-
Charles Duffy about 7 yearsNot surprising at all. The remote ssh daemon effectively runs
sh -c "$*"
. Thus, you're runningsh -c "/bin/bash -c echo <(cat)"
; theecho
command itself is the only argument passed to-c
, and the<(cat)
is a separate argument altogether. -
Trevor Boyd Smith about 6 yearsFYI you can also do
cat /tmp/tempfile_containing_your_script ssh ${hostname} /bin/bash
. So instead of one step you have two steps: step 1 copy your script to a file, step 2cat
the script tossh
. -
belvederef over 4 yearsI do not get why this does not appear higher in the search results. Worked perfectly!
-
Hi-Angel about 4 yearsThanks, I confirm it works for me for automatically logging into
zsh
instead of bash (users of the remote instance vary, so I can't force zsh on everyone withchsh
). That said, I think it would help if usage example was in the answer instead of being a link to google. I'd sure give it my upvote. -
Hi-Angel about 4 yearsOkay, my rejoice was prematurely. What now happens is that
sshfs
hangs. In fact, anything you could try to execute asssh … mycommand
hangs, withsshfs
just being a particular case I'm interested in. So I guess no automatic login to zsh for me :c