Koozali.org formerly Contribs.org

user shell access

Offline redteo

  • *
  • 121
    • redteo blog
user shell access
« on: May 16, 2020, 05:58:58 PM »
Buona quarantena a tutti--

bene il mio quesito è il seguente.
da tempo non avevo avuto più la necessità di accedere com utente differente da admin o user.
tempo fa creai una coppia di chiavi con puttygen
per root che uso senza problemi.
e una per il mio utente principale.
adesso non riesco ad accedere al prompt dei comandi...
la shell dell'utente è impostata su bash, la chiave funziona
e vedo il benvenuto di sme
ma poi la finestra si chiude


Consulente di Smeserver.it -  Soluzioni e supporto su Sme server in Italia

Offline mmccarn

  • *
  • 2,499
Re: user shell access
« Reply #1 on: May 17, 2020, 03:01:29 PM »
I did this:

Code: [Select]
db accounts setprop mmccarn Shell /bin/bash
signal-event user-modify mmccarn

After adding my public key to /home/e-smith/files/users/mmccarn/.ssh/authorized_keys and setting the permissions on my home folder, the .ssh folder, and authorized_keys as wanted by sshd, I am able to ssh to my SME server as 'mmccarn' instead of 'root' using public/private keys.

Here are some things you might check:

Check your bash version
* verify bash version
* verify source repository
* verify your bash executable path and checksum
Code: [Select]
# yum info bash
Installed Packages
Name        : bash
Arch        : x86_64
Version     : 4.1.2
Release     : 48.el6
Size        : 3.0 M
Repo        : installed
From repo   : base
# shasum $(which bash)
25d64496d600f4383b8bba4562652ebdfd79e4b9  /bin/bash

confirm the user's home folder and shell setting from /etc/passwd
* replace 'mmccarn' with your primary user's account
Code: [Select]
# USER=mmccarn
# printf "home:\t$(grep $USER /etc/passwd |cut -d: -f6)\n"
home: /home/e-smith/files/users/mmccarn
# printf "shell:\t$(grep $USER /etc/passwd |cut -d: -f7)\n"
shell: /bin/bash

confirm the user's shell setting in the accounts database
* replace 'mmccarn' with your primary user's account
Code: [Select]
# db accounts getprop mmccarn Shell

check the user and system startup scripts for oddities
* replace 'mmccarn' with your primary user's account
* your results may vary based on what you have installed
Code: [Select]
# USER=mmccarn
# shasum /home/e-smith/files/users/$USER/.bash_profile
shasum: /home/e-smith/files/users/mmccarn/.bash_profile: No such file or directory
# shasum /home/e-smith/files/users/$USER/.bashrc
shasum: /home/e-smith/files/users/mmccarn/.bashrc: No such file or directory
# shasum /etc/profile
9d81696fabf3a6fdf12714f9fa79975a0784185e  /etc/profile
# shasum /etc/profile.d/*
b03494f27a55afbdc969df1a7698614b0eaf6759  /etc/profile.d/colorls.csh
4127f3810f07f604626bf2292b52243d12c54e6a  /etc/profile.d/colorls.sh
00254f3b66ffaf9717f6c3b681dda7a9f8e40070  /etc/profile.d/cvs.csh
b641b3a0e2aa7ad62f23583a6a59ee07c02d73d7  /etc/profile.d/cvs.sh
1499e0b58aa8dba4e3aa23db42bc61b272b4ad68  /etc/profile.d/e-smith-lib_compspec.sh
deb75b2aa65f757c2600e7bc5ce892d834e8516b  /etc/profile.d/e-smith.sh
1938de55f03b1b6481809a6ebc6bbd515463ca86  /etc/profile.d/glib2.csh
26465e1efb71b6705ad43c595ab41f061ff87126  /etc/profile.d/glib2.sh
a3f6a38b50429395bb82cae9b9504d2b44bedbed  /etc/profile.d/lang.csh
8f1abf05101405bc4c046d1eb83c5260ef5d4b6f  /etc/profile.d/lang.sh
4fd9977e4d48ab7042b09f63bfe9fb89095b51e0  /etc/profile.d/less.csh
a287823bcb16dab5bfbe7b05b2c9cfd3e68751be  /etc/profile.d/less.sh
30d4a8876899b2e62af216be9021b5e8fe077087  /etc/profile.d/mc.csh
825dbcd633c67e8d033ea9ae791f087ba3e70900  /etc/profile.d/mc.sh
3cfe8a2e07afccbc3bb10817dbdd7e2b023ce17d  /etc/profile.d/modules.csh
a843afde6f9d5eb519943bbd601d08eb47ace9bd  /etc/profile.d/modules.sh
1dda8a309c6cef9848b7d83969dc474742076bf9  /etc/profile.d/mysql55.sh
8fb3dc1caf80dccf50775a7e4dc8ff616be4cc93  /etc/profile.d/mysql57.sh
55bb7f95cc3096d2da4d0bf36c40d0f24b77fa42  /etc/profile.d/rvm.sh
d2e67a800a68f39ec448cd9784fec0370b2abb1a  /etc/profile.d/vim.csh
82976b2ae1bcdadaaeba4f7316729e0b480cb527  /etc/profile.d/vim.sh
fd56b45671acc1c3fa01d746f5a484459db83b03  /etc/profile.d/which2.sh

sshd config and user permissions
* Check that there is nothing unexpected in /etc/ssh/sshd_config
* Check that the user owns their own home folder, the .ssh folder, ~/.ssh/authorized_keys, and that the permissions are correct

look for errors in the log files
Check the system log files for entries or errors related to the user or sshd

Check for server config issues
If everything looks good so far, I would start looking for non-standard items generally.  Run the SME audittools for repositories, rpms, and templates, and hope that something pops up that looks like a cause for your issue.
Code: [Select]
# /sbin/e-smith/audittools/repositories
... output is not all that useful from my system...

# /sbin/e-smith/audittools/templates
... output is not all that useful from my system...

# /sbin/e-smith/audittools/newrpms
... output is not all that useful from my system...

check for time discrepancies
I know that an active directory domain will behave oddly if the time between the server and the client  differs by 3 minutes or more.  I don't know if this applies to SME or ssh at all, but it's easy to check, so why not?

note on shasum
I found that the easiest way to verify the checksums I've provided above is to run a command like this:
Code: [Select]
# shasum -c <(echo 55bb7f95cc3096d2da4d0bf36c40d0f24b77fa42 */etc/profile.d/rvm.sh)
/etc/profile.d/rvm.sh: OK
* use <(...) to treat command output as a file
* use 'echo' to output the values from above
* add an asterisk in front of the filename (I don't know why the original output did not include the asterisk, but it did not...)