Hi Falko,

>> Apparently a shell is required to use a jump host from the ssh command in 
>> this situation?
> 
> There's an analysis about apparently same problem:
> 
> https://unix.stackexchange.com/questions/457692/does-ssh-proxyjump-require-local-shell-access
> 
> They mention, that setting the "SHELL" variable is sufficient

Good catch!

As often with StackExchange, the first answer is not the correct answer. :-)

The answer at https://unix.stackexchange.com/a/496092 seems to hit the nail on 
the head:

> Basically I think SSH is trying to be clever and looking up the user's shell 
> and then running the proxy command using the shell. But when the shell 
> doesn't exist it fails.
> 
> If you set the environment variable SHELL before you run ssh then it will fix 
> the problem.


Unfortunately, this work-around (inserting an environment variable) seems 
incompatible with the current way BackupPC executes the commands.

The /sbin/nologin shell assignment doesn't really add that much security, but 
it would be cool if it still was possible to initiate SSH commands while using 
jump hosts without having to assign a shell to the BackupPC user.

Cheers!

Pim



_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Reply via email to