SSH without invoking shell

protocol, shell, ssh

I've managed to mess up some shared libraries on my system, and now my shell cannot be run, thus locking me out of the system. Both ssh, sftp, and scp, as configured on the remote system, seem to rely on the shell, so those alternatives are out. Really, it is not a big issue because I have some remote hands that can change my shell to sh via console.

However, I'm curious, getting down to the mechanics of the SSH protocol, whether it is possible to authenticate and perform some manipulations on the remote system (e.g., modifying /etc/passwd), without ever invoking the shell?

EDIT

Just to be fair to the fellow who suggested specifying the alternative command/shell after the ssh command string (e.g., ssh myhost /bin/sh): the man page does state:

If command is specified, it is executed on the remote host instead of a login shell.

which could definitely be confusing.

Best Answer

[for the record only -- at the time of writing, the problem has long been fixed, hopefully]

With openssh, ANY command executed by sshd is executed via your login shell with the -c option:

  • command passed in the ssh command line (i.e. ssh user@host command)
  • command set up in the .authorized_keys file (i.e. command="..." ssh-rsa AAAA...)
  • command specified by the ForceCommand option in sshd_config
  • the execution of the ~/.ssh/rc script (via /bin/sh ~/.ssh/rc)
  • even the scp commands local to a server executed in response to a remote scp

So, if your login shell is faked (/bin/false or nologin) or broken, there is no way for you to execute anything remotely with ssh. That's also why no alternative shell is possible.
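
The mechanism described in the answer above, as an added example that is not part of the original post and is not OpenSSH code: a simplified model in which every requested command is handed to the account's login shell with -c. The helper names (run_like_sshd, find_false, demo) and the sample command are assumptions made for illustration.

```shell
#!/bin/sh
# Simplified model of the behaviour described in the answer (assumption, not
# OpenSSH source): the requested command is never executed directly, it is
# handed to the account's login shell as `<login shell> -c <command>`.
# run_like_sshd and find_false are hypothetical helper names.

run_like_sshd() {
    rls_shell=$1
    rls_command=$2
    # A missing or non-executable login shell cannot be started at all.
    if [ ! -x "$rls_shell" ]; then
        echo "cannot execute login shell: $rls_shell" >&2
        return 127
    fi
    "$rls_shell" -c "$rls_command"
}

# Locate the `false` binary, a common "no login" shell.
find_false() {
    for ff_path in /bin/false /usr/bin/false; do
        if [ -x "$ff_path" ]; then
            echo "$ff_path"
            return 0
        fi
    done
    return 1
}

# Constructed demo: the same request, `/bin/sh -c "echo reached"`, which
# mirrors `ssh myhost /bin/sh`, under three different login shells.
demo() {
    demo_false=$(find_false) || demo_false=/bin/false
    for demo_shell in /bin/sh "$demo_false" /nonexistent/shell; do
        if demo_out=$(run_like_sshd "$demo_shell" '/bin/sh -c "echo reached"' 2>&1); then
            demo_status=0
        else
            demo_status=$?
        fi
        printf 'login shell %-20s status=%-3s output=%s\n' \
            "$demo_shell" "$demo_status" "${demo_out:-<none>}"
    done
}

demo
```

Only the first row reaches the requested /bin/sh; with a faked or missing login shell the request never gets as far as the command, which is why naming an alternative shell on the ssh command line does not help.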