How to logout an ssh session from within a perl script?

Question

I have a perl script to do a second layer of authentication after an ssh shell is opened. It asks for password, and after n number of invalid attempts, the script should log out the user. This runs on a Debian system.

Now, the problem is that usually an ssh shell is closed interactively with the command exit.

When run from backticks, or system() from within a perl script, exit is not recognized as a valid command. So how can I logout the user from an ssh session, from within a perl script? The script is not responsible for the ssh session. It runs on the remote, and kicks in from .bashrc.

This is the relevant segment of code:

while ($actualpass ne $password) {
    ++$attempts;
    if ( $attempts > $maxattempts ) {
        `/bin/bash /root/ascii_breach`;
        `/bin/bash exit`;
    }

The /bin/bash exit obviously does not work.

Answer 1

You could launch the authentication script, check the exit status and logout the shell on failure:

perl auth.pl; if [ $? -ne 0 ]; then exit; fi

Then in the Perl script:

if ( $attempts > $maxattempts ) {
    die 'Authentication failed';
}

You would also need to stop the user skipping the authentication with ctrl+c or ctrl+z:

trap "echo no" SIGINT SIGTSTP
perl auth.pl; if [ $? -ne 0 ]; then exit; fi

Answer 2

Sounds like you have this a bit backwards. I think what you are doing is ssh'ing to the remote host which runs a shell, the shell runs perl and then perl wants to exit the shell. The better way of doing this is to ssh to the host to run the perl script directly. Only if the authentication passes should the perl script start up the shell.

You can configure sshd to run your authentication script in the authorized_keys file assuming that is how the user is getting in.