Hide arguments from ps

unix command-line

13,337

Solution 1

If they're logged in as you, there's basically little you can do to stop them from learning that information. If you're on Linux they'll have access to your /proc entries and can learn this information easily.

They can also:

delete all your files.
send mail in your name to insult the CEO of your company.
access all your files and command line history, if any.
myriad other things.

This is not a viable way to protect yourself. You need to sort out the identical user problem first.

Solution 2

On Linux, you can do something like

strncpy(argv[0], "mynewcmdlinehere", strlen(argv[0]));

Don't know about other Unices, sorry.

Solution 3

Hiding command line would require a script, so it's Catch-22, because other ppl having same user will have access to that script.

The solution is quite simple: Use key with pass-phrase. (howto)

Solution 4

Even if you hide the command line, the user can run lsof to see all the files that your ssh process has open - which will include the identity file. If obscuring the command line is truly the ultimate goal, though, you could start a key agent, load the identity into the agent, and then ssh using that agent. The path to the socket that the agent uses is controleld by an environment variable.

This is by no means security, though. Pax is right - the "logged in as the same user" issue is what really should be solved here. Stop using someone else's account. ;)

View more solutions

13,337

Author by

dogbane

Programmer

Updated on June 27, 2022

Comments

dogbane about 2 years
I would like to keep my ssh command hidden/disguised from other users.

Example:
```
ssh user@host -i /my/private/key
```
Unfortunately this will come up in the ps listing and other users will be able to see the private key file that I am using. Is there a way around this?

(They are logged in as the same user as I am)
ephemient about 15 years

Even when using a key with a pass-phrase, another process running as the same user could read the pass-phrase and/or decrypted key out of your ssh-agent or ssh process. There is no security against processes running with the same uid.
ephemient about 15 years

This does nothing to prevent other "users" (who are using the same uid, for unknown bad reasons) from using the original "ps" directly -- nor is it possible to prevent.
ahmet alp balkan about 13 years

he says everybody uses the same user account. chmod won't work.
Jorge Fuentes González about 10 years

Didn't know about this. So easy. Thank you!
hek2mgl almost 10 years

I tried that on linux but ps still shows a.out. Did I missed something?