Sleep Dummy Shell (sleepshell) 0.0.2.


This is a simple do-nothing, sleep-forever program that can be used as a login shell (in Linux or Unix) to keep the connection open but without interactive shell. We use it to create SSH accounts for users who will only use them for SSH-tunneling; to create an encrypted tunnel to our servers (for example to connect securely to database servers like mySQL, PostgreSQL, etc).

Most restricted shells still allow execution of local commands from the SSH account. Setting the account shell to something like /bin/false (or any other simple programs) usually won't work because the tunnel is closed as soon as the program finish its execution. Sleep Dummy Shell just sleeps until its execution is terminated by the user or the tunnel is closed.

The Sleep Dummy Shell is the perfect solution for extranet, intranet and public hosting providers who wish to provide their customers with SSH accounts for encripted tunneling, without worrying about extra security.

Features.

  • Compiled, no scripting runtime needed.
  • For Linux and other Unix.
  • Minimal memory and CPU time usage.
  • Simple to install.
  • Open source. Released under the GPL license.

Requirements.

  • A C compiler (tested with GCC).
  • Linux or Unix as platform (tested with Linux and FreeBSD) or Windows with CygWin installed.
    (An user [Kenneth Klavonic] have reported that it compiled also in MacOSX/Darwin, both PPC and Intel).

Installation.

1) Get the files.
Get the files from http://www.mariovaldez.net/software/sleepshell/

2) Unpack.
Unpack the files in a directory with

tar tvzf sleepshell_0.0.2.tar.gz

3) Compile.
Change to the directory "sleepshell" and run "make". (If you are compiling under CygWin in Windows, copy the file "Makefile.cygwin" over the "Makefile" file before running "make"). You will see a message like this:

gcc -O2 -g sleepshell.c -o sleepshell
strip sleepshell

After this, a new executable file named "sleepshell" should be in the directory.

4) Test.
Run the ./sleepshell and you should get the following text if you are using SSH (one asterisk per 10-seconds):

Connection: 192.168.0.25 2640 192.168.0.1 22
Client: 192.168.0.25 2640 22
Terminal: /dev/pts/1

*****

Or just (one asterisk per 10-seconds):

***

5) Install.
Break the sleepshell execution with Ctrl-C, then run "make install" to copy the executable file to /usr/local/bin/. You must be "root" to do this. You should get the following text:

cp sleepshell /usr/local/bin/sleepshell

6) Set as login shell.
Set the login shell of the tunnel user(s) with the usermod command. For example, to set the login shell of the user "remoteuser" you would use:

usermod -s /usr/local/bin/sleepshell remoteuser

If you want to do it manually, open the /etc/passwd file and change the seventh field (the shell field) to /usr/local/bin/sleepshell. For example, to set the login shell of the user "remoteuser" you would edit its /etc/passwd record from:

x:1022:100:,,,:/home/remoteuser:/bin/bash

to

x:1022:100:,,,:/home/remoteuser:/usr/local/bin/sleepshell

(Note: this is just an example!)

7) Test the SSH account.
Connect with SSH to the server and login to the SSH account with the sleepshell. You should get a message like the following (one asterisk per 10-seconds):

Connection: 192.168.0.25 4567 192.168.0.1 22
Client: 192.168.0.25 4567 22
Terminal: /dev/pts/4

****

Break the execution with Ctrl-C or by sending a SIGTERM signal to the sleepshell process. The SSH will be closed.

8) You are done.

Download.

License.

Sleep Dummy Shell (SleepShell).
Copyright ©2004,2005 by Mario A. Valdez-Ramirez
You can contact Mario A. Valdez-Ramirez by email at mario@mariovaldez.org or paper mail at Olmos 809, San Nicolas, NL. 66495, Mexico.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

OSI-Certified logo

Browse the source files (0.0.2).

Questions, comments, suggestions.

You can send your questions, comments or suggestions by email.

Don't hesitate to contact the author by email (mario@mariovaldez.org).

 
 
NA fum/lmd: 2007.07.14
Copyright ©1994-2014 by Mario A. Valdez-Ramírez.
no siga este enlace / do not follow this link