mindgame3713
Reputation: 35
disable pseudo-tty allocation
On a recent penetration test it was identified that the rbash restricted shell we use could be escaped by simply forcing allocation of a pseudo terminal.
ssh -i id_rsa_key user@hostname -t "bash --noprofile"
I have done a fair amount of research and haven't been able to find anything regarding how to prevent this via an ssh config or other process. Any suggestions on how to lock this down would be greatly appreciated.
Upvotes: 0
Views: 2263
Answers (1)
mindgame3713
Reputation: 35
Finally found a fix using a method found here:
How to restrict SSH users to a predefined set of commands after login?
You can restrict allocation of the PTY using a directive in the authorized_key file.
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1.......
Upvotes: 1
Related Questions
- How to deal with "Pseudo-terminal will not be allocated because stdin is not a terminal."
- Pseudo-terminal will not be allocated because stdin is not a terminal
- Why does running a background task over ssh fail if a pseudo-tty is allocated?
- Suppress 'Warning: no access to tty' in ssh
- how to do if else in ssh pseudo-tty allocation to remote server
- How to use specific shell during pseudo-tty allocation?
- How to get rid off "no access to tty (Bad file descriptor)" message in bash?
- Python SSH via Pseudo TTY Clear
- Pseudo-terminal will not be allocated because stdin is not a terminal ssh bash
- Using pseudo tty with ssh results in warning