Coleman Kane wrote:
Look at "PermitUserEnvironment yes" in sshd_config.
Well, this does not work with the environment variable exported on the
current window, on which a remote secure shell was initiated by a normal
user.
However, if I define the variable at ~/.ssh/environment, it worked.
$ grep ENV ~/.ssh/environment
ENVIRONMENT=BATCH_ssh_environment
$ /usr/local/bin/ssh -l dant3 hes-hpc4
Last login: Thu Mar 16 11:44:27 2006 from hes-hpc3
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
========================
dant3: user profile
UID PID PPID C STIME TTY TIME CMD
dant3 27380 27378 0 11:46:22 pts/2 0:00 -ksh
ENVIRONMENT=BATCH_ssh_environment
dant3: End user profile
========================
But, I can not use this "permitUserEnvironment yes" parameter because
the attribute of the ENVIRONMENT variable is dynamically set.
Interestingly, this works if a user root initiated the ssh remote login.
But not for a normal user.
Any other suggestions?
Regards,
- Chansup
On Wed, Mar 15, 2006 at 11:06:52AM -0500, Chansup Byun wrote:
Hi,
I am trying to send an local environment variable, ENVIRONMENT, to the
remote session with the following OpenSSH version.
OpenSSH_4.2p1, OpenSSL 0.9.8a 11 Oct 2005
Following the ssh_config and sshd_config man pages, in order to pass the
local environment variable, ENVIRONMENT, I added the following lines to
both config files, respectively.
bash-2.05# grep Env /usr/local/etc/ssh_config
SendEnv ENVIRONMENT
bash-2.05# grep Env /usr/local/etc/sshd_config | grep ENVIRONMENT
AcceptEnv ENVIRONMENT
My test showed that it worked fine when I started the remote session as
a root. However, if I started the remote session as a normal user, the
remote session didn't get the local environment variable.
Is this a bug or a feature?
Is there a way to make this work for normal users?
Here're my test results:
bash-2.05# export ENVIRONMENT=BATCH_root
bash-2.05# echo $ENVIRONMENT
BATCH_root
bash-2.05# /usr/local/bin/ssh -l dant3 hes-hpc3
[EMAIL PROTECTED]'s password:
Last login: Wed Mar 15 10:34:44 2006 from hes-hpc4
========================
dant3: user profile
UID PID PPID C STIME TTY TIME CMD
dant3 863 861 0 10:51:08 pts/3 0:00 -ksh
ENVIRONMENT=BATCH_root
dant3: End user profile
========================
Start remote session a normal user:
$ export ENVIRONMENT=BATCH_dant3
$ echo $ENVIRONMENT
BATCH_dant3
$ /usr/local/bin/ssh -l dant3 hes-hpc3
Last login: Wed Mar 15 10:51:07 2006 from hes-hpc3
========================
dant3: user profile
UID PID PPID C STIME TTY TIME CMD
dant3 898 893 0 10:53:27 pts/4 0:00 -ksh
ENVIRONMENT=
dant3: End user profile
========================
Thanks,
- Chansup
