SSH_ORIGINAL_COMMAND variable not getting set

ssh freebsd ssh-keys jail
6,687

Look in /etc/profile and other init scripts (~/.bashrc etc) - those are some things which set environment variables.

Remember that you need a ". " in place of scripts if you want their environment settings they set up to "stick".

Share:
6,687

Related videos on Youtube

dtg
Author by

dtg

Updated on September 18, 2022

Comments

  • dtg
    dtg almost 2 years

    I am working with two servers, both of which run FreeBSD 8.4-RELEASE-p1 and OpenSSH_6.1p1. Both servers' ssh_config files, located in /etc/ssh, are identical. Both servers are configured to allow users to remote into a jailed environment using SSH.

    As a test, I logged into a test user's jail using SSH keys on both servers, using the following command:

    ssh -i ~/.ssh/private_key [email protected] hello

    And the authorized_keys file in both cases specifies the following command to be run after authentication, prepended to the public key (permissions are the same on both servers):

    command="~/test.sh",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty

    Where test.shsimply performs the following operation:

    #!/bin/sh

echo SSH_ORIGINAL_COMMAND = $SSH_ORIGINAL_COMMAND

    On one server, the output from the above sh script shows the following:

    SSH_ORIGINAL_COMMAND = hello

    But on the other server, the result appears not to get stored in SSH_ORIGINAL_COMMAND

    SSH_ORIGINAL_COMMAND =

    The behavior is the same for the respective server for each user jail. My question is - what other configuration would I need to allow the SSH_ORIGINAL_COMMAND variable to be set after authentication in the case of the second server?

    • citrin
      citrin almost 10 years
      Try to add env command to test.sh to see if other SSH_* variables are set
    • dtg
      dtg almost 10 years
      Thanks. It appears that the env command is not accessible via the user jails.
    • chutz
      chutz over 8 years
      Have you compared the /etc/ssh/sshd_config files on both servers?
    • Adam Katz
      Adam Katz almost 8 years
      If you put env |grep -i ssh into that second server's test.sh script, what environment variables are found? Is there a difference between SSH server versions or configurations on the two systems?
    • chutz
      chutz over 7 years
      @Dylan: If env is not available, you can use set with similar success. It is a shell built-in and would work inside the jail.
    • ptman
      ptman almost 7 years
      It seems that SSH_ORIGINAL_COMMAND is set if you have a forced command. Do both servers actually read the authorized_keys file? sources.debian.net/src/openssh/1:7.5p1-5/session.c

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

FreeBSD - Can't access jail from SSH
ssh-copy-id in one line with password, possible?
ssh -T [email protected] Permission denied (publickey)
Not able to ssh to the server
Unable to SSH to Google Cloud
ssh key stops functioning after a while
Git looking for my SSH key in the wrong location
ansible ssh permission denied
Unknown cipher type error on trying execute remote command over ssh
FreeBSD: jail can not set security.jail.sysvipc_allowed