[TCLUG] Faking a remote terminal

Fri Mar 1 14:04:07 CST 2002

OK, Dave.  Try this instead:

#!/bin/sh
# You've listed nothing specific to bash to warrent /bin/bash.
trap "" 2
while /bin/true ; do
  /usr/bin/clear
  /bin/echo "Press any key to connect to remote"
  read answer
  /usr/bin/telnet remote
done

To place this on serial terminals, look at the manpage for getty.  It's
pretty straight-forward.  You expressed a desire to use ssh instead of
telnet?  Why not try something like this, then:

#! /bin/sh
################################################################################
#
#  This script is PUBLIC DOMAIN and comes with NO WARRANTY WHATSOEVER!
#  Use at your OWN RISK.
#
#  It may not even work! ;-)
#
################################################################################
#
#  ssh-wrapper -- prompt for remote user, hostname, and port
#
#  * Important to disregard any other other commandline options
#
#  * YOU SHOULD REALLY CHROOT THIS!!!!  Make certain that
#    there is no way that should the remote user figure out a buffer
#    overflow of some kind and use it against you.  Considering that
#    inittab and getty are normally run as root, this would be a very
#    big mistake to simply run un-chrooted.
#
#    -- Either use static binaries or copy over all libraries needed.
#    -- You'll need a fake /etc/resolv.conf, /etc/hosts, etc...
#    -- Be restrictive with local filesystem permissions (i.e. -rwx)
#
#    e.g. chroot getty -l /usr/local/bin/chroot-serial-ssh ttyS0 ...
#    where chroot-serial-ssh contains:
#      #!/bin/sh
#      /usr/sbin/chroot /var/chroot/serial-ssh /bin/ssh-wrapper
#
# NOTE: I'm no chroot god, so this may prove to be vulnerable as well.
# Suggestions welcome. <chewie at wookimus.net>
#
################################################################################
echo=/bin/echo
tr=/usr/bin/tr
sed=/bin/sed
ssh=/usr/bin/ssh
true=/bin/true

ISSUE=/etc/ssh/serial-issue.txt
SSHCONF=/etc/ssh/serial.conf
RUSER=
RHOST=remotehost.domain.tld
RPORT=22

trap "" 2

while $true
do
    cat $ISSUE

    $echo -n "Enter a hostname (default is $RHOST): "
    read RHOST
    # munge the rhost line into a no-spaces line. '-' is not a legal
    # first character.
    RHOST=`$echo $RHOST|$sed -s 's/-//'|$tr -dc '[-._a-zA-Z0-9]'`

    $echo -n "Enter a port (default is $RPORT): "
    read RPORT
    # only use digits
    RPORT=`$echo $RPORT|$tr -dc '[[:digit:]]'`

    $echo -n "Enter a remote username: " 
    read RUSER
    # munge username
    RUSER=`$echo $RUSER|$tr -dc '[[:alnum:]]'`

    $ssh -F $SSHCONF -l $RUSER -p $RPORT $RHOST

    # Give the user time to read any error output
    $echo "Press any key to continue."
    read pause

done
# END SCRIPT

-- 
Chad Walstrom <chewie at wookimus.net>                 | a.k.a. ^chewie
http://www.wookimus.net/                            | s.k.a. gunnarr
Get my public key, ICQ#, etc. $(mailx -s 'get info' chewie at wookimus.net)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20020301/935a9a3b/attachment.pgp