Preventing shells from being spawned
Korey Calmettes
jessnkorey at gmail.com
Sat May 17 02:21:39 WST 2008
Hello,
Back in 2005, there was a post from John Daz who would like to tunnel into
an embedded system without providing a shell. It was responded by Matt who
advised him to comment out line 70 of svr-session.c which read
"&svrchansess,".
I also would like to allow one embedded system to tunnel into another
embedded system without providing a shell. I am running Dropbear 0.50. I
commented out the same line (still on line 70) and now I am unable to log in
using dbclient.
On the server side I am running:
dropbear -r /etc/dropbearkey -s -a -p 12345
On the client side, I am running:
dbclient -p 12345 -i /etc/clientkey -y -L 80:localhost:80 -g -T 192.168.2.45
I get the following:
Host '192.168.2.45' key accepted unconditionally.
(fingerprint md5 50:69:d1:be:84:f3:6d:1d:c7:86:de:2f:bf:b9:38:25)
Connection to root at 192.168.2.45:12345 closed.
Now if I uncomment line 70 of svr-session.c, it works flawlessly.
I don't know if it matters, however I am running this on BusyBox v1.1.3 on
an ARM9 Processor.
Any assistance would be appreciated,
Thanks,
Korey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20080516/7c89cbe8/attachment.htm
More information about the Dropbear
mailing list