Change SSH shell

Brundle

Hi guys,
I have created a user, and when I log in with SSH i get a shell prompt. I seems my shell is /bin/tcsh. I would like to have my shell be /etc/rc.initial, like it is for the admin account. However, when I run:

chsh -s /etc/rc.initial

I get the error:

chsh: /etc/rc.initial: non-standard shell

and no change is made. What am I doing wrong?

Gertjan

@brundle

You want the 'admin' menu to show up for a non-admin user ?
Be careful, as many menu option need 'admin' rights ...
The file /etc/rc.initial (did you have a look ?) is execute by the standard sh shell.
Option 8 of the menu launches the /bin/tcsh shell.

You can, of course, set your own shell for a user, and even a 'connect' script.
See all the hidden files in the /root/ - they start with a dot, as an example.

jimp

There is a reason we don't set that for other accounts -- they lack the privileges required to use many of the menu options.

You could install the sudo package, grant your account access, and then set your login scripts (e.g. .profile) to execute sudo /etc/rc.initial similar to what happens for the root account.

For example, add this to ~/.profile:

unset _interactive
if [ -n "${SSH_TTY}" ]; then
	_interactive=1
else
	case "${TERM}" in
	cons25|xterm|vt100|vt102|vt220)
		_interactive=1
		;;
	esac
fi

if [ -n "${_interactive}" ]; then
	/usr/bin/resizewin -z
	sudo /etc/rc.initial
	exit
fi

The only difference between that and /root/.profile is the sudo on the line running rc.initial.

Brundle

Thank you @Gertjan and @jimp for your answers. I guess I could have been more specific in my question. First off, my user is a member of the Admins group, so privileges shouldn't be a problem. I had already copied the code from /root/.profile to my ~/.profile (no sudo necessary), but I just figured out that this file is not parsed by tcsh.

Once I did chsh -s /bin/sh the file is parsed and I get the menu on login, just like the admin user.

I still find it curious though, that according to /etc/passwd admin's shell is /etc/rc.initial, so I guess for that account, the menu is started directly and not by the .profile script, right?

jimp

The admin group in the GUI does not give the user any access in the shell like you imply. You will need sudo to access root/admin level functions in the shell.

The admin account has its shell set to the menu differently than root, since root needs to be able to use scp and similar things, while admin is more locked down as it's used for the console autologin.

If .profile didn't work then add this to the end of ~/.tcshrc:

if ($?prompt) then
    sudo /etc/rc.initial
endif

Brundle

@jimp Thanks again for your answer.

OK. The admin account has the same UID and GID as root in /etc/passwd. Am I right to assume that it has the same privileges?

Maybe some information about my setup might be useful. I can login to the router using the admin account with password. However, I want to use public/private keys to login. For my regular username I have my keys installed on a number of bsd/linux machines in my network, and I can always just type ssh <machine> to go from one to the other.

I don't want to have to create public/private keys for the admin account to put on every system I have, instead I would like to use my regular user account and my regular private key. Once logged in I want the exact same behaviour and privileges as for the admin account. Is this possible?

I'm considering just copying the UID, GID and Shell fields from the admin line of /etc/passwd, but I worry that might break something. Any advise?

jimp

@brundle said in Change SSH shell:

OK. The admin account has the same UID and GID as root in /etc/passwd. Am I right to assume that it has the same privileges?

Yes, they do, they are equivalent, but have some (necessary) differences in how they act at the OS level. The admin account is locked into the menu for its shell, root is not. The root account starts the menu at login but isn't locked to it in the same way. This is important for the console autologin process.

I don't want to have to create public/private keys for the admin account to put on every system I have, instead I would like to use my regular user account and my regular private key. Once logged in I want the exact same behaviour and privileges as for the admin account. Is this possible?

Only by using sudo as with any other *nix system. This isn't a special case, it works like any other BSD/Linux/whatever server.

You could put your existing keys into the admin account in the GUI and just ssh into that if you like (it would work for root@ and admin@) though it is better to use your own account if you're already used to that. You still have to setup the account and keys in the GUI, though.

I'm considering just copying the UID, GID and Shell fields from the admin line of /etc/passwd, but I worry that might break something. Any advise?

That won't persist without editing the source to control how the accounts are generated, and is completely unnecessary.