Using a Python script as a login shell
Hello fellow Debianites!
I want do do a custom CLI for a project, and I am quite happy with the
Python cmd module. Aside from having a practically un-googleable name
it is very nice, and does a lot with very little code. So far, so good.
But:
If I write a Python script with this module, and expose it to the
internet via SSH, will hell break loose? So far I've done the
following:
1. Put my script in /usr/local/bin/turtle (the canonical example in the
docs is something with turtle), you can see the sourcecode of my script
here:
https://pi.h5.or.at/mockturtle.txt
This script does absolutely nothing sensible, you can try it out
by doing a
ssh -l admin probe.aisg.at
from a IPv6 capable host (sorry, no IPv4). The password is "admin".
Any and all suggestions on stuff that is stupid and crazy from a
security standpoint in this script are very much appreciated!
2. Then I put /usr/local/bin/turtle in /etc/shells
3. I added a user "admin" that has /usr/local/bin/turtle as shell
4. I added following stanza to /etc/ssh/sshd_config
Match User admin
X11Forwarding no
AllowTcpForwarding no
ForceCommand /usr/local/bin/turtle
5. In the script I tried to catch the Ctrl-C signal, so the interpreter
does not give out too obvious error messages (that show what is going
on behind the scenes).
Is this enough to harden this setup against escaping into a shell
or the full python interpreter, to do something nasty? Or is it
completely crazy, because theere is some way to abuse a setup like
this, that I have not found yet?
TIA
Ralph
Reply to: