I want to map users (who ssh to the server) to emails. In csh, a $REMOTEHOST variable is defined that contains the PC name of the remote host. In bash, no environment variable is defined. Is there any way to get some info about the connected user (apart from SSH_CLIENT, which gives IP and port)?

Note that I'm using sshd and bash.

A: 

No. The only information you can obtain is user, host and port.

You can simply grep the auth.log for ssh sessions.

$ grep sshd /var/log/auth.log | grep Accepted
Sep 11 12:53:54 lenny sshd[2686]: Accepted password for cb from 127.0.0.1 port 33343 ssh2

I guess you can map usernames to email addresses.

You can simply add a command to /etc/ssh/sshrc which uses the $USER variable ;) E.g.

#!/bin/bash
# Print the logged-in account and the client's "IP source-port server-port" triple
echo "$USER"
echo "$SSH_CLIENT"
tuergeist
Host? What variable holds the hostname?
iElectric
I did not write hostname, I wrote host. I mean the IP address. It may be possible to resolve a name to this address.
tuergeist
I wonder how zsh obtains this information. Is it possible to know which public key was used?
iElectric
You should specify what exactly you want. IMHO the ssh server knows the key used (if any), the username and the ip/port of the "calling" host.
tuergeist
Nice, do you know a way to get the pubkey used? That would solve my problem.
iElectric
I checked the paramiko API; you can only get a public key by hostname, and that's not really the best solution. I bet one can get the currently used public key from the ssh session.
iElectric
Hi again, which app should know the information (user, ip..)? The bash run by the client or a server-side app? For what purpose do you use paramiko? You haven't said anything about Python!
tuergeist
I just want to log which users logged in to a server. Thus, I want to know which pubkey was used, to map it to an email address and send a notification about the login (and if the user didn't log in, he would notice the email and this intrusion). This can be done by bash or run through Python. Doesn't really matter.
iElectric
I updated my answer
tuergeist
That's USER on the server. Hmmm, actually I can use the USER variable and make sure each user on the server has its own login. Then just map that USER to an email. Well, you didn't directly solve my question but managed to make me think through it. Thanks!
iElectric
Hmm. Every user shall have its own login, otherwise you have a security problem.
tuergeist
Agreed, it should have been like that in the first place.
iElectric
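
The grep approach from the answer, extended into a parser that maps each accepted login to a notification address; this is an added example, not code from the original answer or its comments. The `EMAIL_MAP` table, the addresses and every sample log line except the first are constructed, and the parser assumes the traditional syslog layout quoted above (sshd tag in field 5). The key type and fingerprint after `ssh2:` is what newer OpenSSH versions log for publickey logins, which is one way to learn which key was used.

```shell
#!/bin/bash
# Added example: turn sshd "Accepted" lines into login-notification records.

# Constructed user=email pairs (hypothetical accounts and addresses).
EMAIL_MAP='cb=cb@example.org alice=alice@example.org'

# Sample input: first line is the one quoted in the answer, the rest are constructed.
SAMPLE_LOG='Sep 11 12:53:54 lenny sshd[2686]: Accepted password for cb from 127.0.0.1 port 33343 ssh2
Sep 11 12:55:10 lenny sshd[2701]: Failed password for cb from 192.0.2.7 port 40112 ssh2
Sep 11 13:02:41 lenny sshd[2710]: Accepted publickey for alice from 192.0.2.10 port 51514 ssh2: RSA SHA256:CONSTRUCTED-FINGERPRINT
Sep 11 13:05:00 lenny sshd[2720]: Accepted password for bob from 198.51.100.4 port 2222 ssh2'

# Reads auth.log lines on stdin and prints one record per accepted login:
#   email|user|ip|port|method|key
# Accounts without a mapping get the email UNMAPPED so they can be reviewed.
accepted_logins() {
  awk -v map="$EMAIL_MAP" '
    BEGIN {
      n = split(map, pairs, " ")
      for (i = 1; i <= n; i++) {
        eq = index(pairs[i], "=")
        email[substr(pairs[i], 1, eq - 1)] = substr(pairs[i], eq + 1)
      }
    }
    # Match on field position rather than on a substring anywhere in the line:
    # field 5 is the syslog tag, field 6 the first word of the sshd message.
    $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Accepted" && $8 == "for" &&
    $10 == "from" && $12 == "port" {
      user = $9
      to = (user in email) ? email[user] : "UNMAPPED"
      # Publickey logins carry "<keytype> <fingerprint>" after "ssh2:".
      key = ($14 == "ssh2:" && NF >= 16) ? $15 " " $16 : "-"
      printf "%s|%s|%s|%s|%s|%s\n", to, user, $11, $13, $7, key
    }
  '
}

# Stand-alone run over the embedded sample; on a server, feed /var/log/auth.log instead.
printf '%s\n' "$SAMPLE_LOG" | accepted_logins
```

Each output record can be handed to whatever mailer is in use; the `UNMAPPED` rows are the shared or unknown accounts that the last comments in the thread argue should not exist.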