[vox-tech] Providing access to SSH on Kiosk?

Ken Bloom vox-tech@lists.lugod.org
Mon, 12 Jan 2004 15:55:41 -0800 

--Kj7319i9nmIyA2yE
Content-Type: text/plain; Format=Flowed; DelSp=Yes; charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


On 2004.01.12 14:25, Bill Kendrick wrote:
>=20
> Okay, I had a feeling this would be asked, but I didn't realize it
> would
> only take a few DAYS for someone to ask it... :^)
>=20
> Is there an easy, safe way to let people SSH out of a kiosk (e.g., =20
> the
> one
> I set up in Chamonix over the weekend)?  e.g., for folks who prefer =20
> to
> connect to their ISP (or UCD) server and run Mutt/Pine/etc. to check
> e-mail.
>=20
> I obviously don't want to just give away a bash prompt. :^)  I guess
> an "xterm -e ssh $user@$host" (with those being asked via a KDE
> kdialog or
> something) might do.
>=20
> Before I accidentally punch a gaping hole in the box, though, I
> thought I'd
> ask for suggestions here. ;^)

I assume this is a Debian box, other distributions should be no less =20
flexible than what I'm about to explain though. In debian both ssh (the =20
client) and sshd (the server) are in the same package (ssh).

*But* sshd doesn't need to be running to connect to a different =20
computer by ssh, so you can modify the startup scripts to keep sshd =20
from starting - hence the user can't log a local shell using by sshing =20
to localhost. In distributions that separate ssh and sshd, you should =20
install only the client package.

Now, you would like to make it easy to log in as any user. Instead of =20
going ahead and creating your own script to take the user name, and =20
host, I suggest you look at gnome-remote-shell in the gnome-networking =20
package (sid) which does exactly as you describe wanting to do. Also =20
look at kdessh (sid, woody, sarge). I recalling a gnome-based program =20
for Gnome before Gnome2, but that's from my mandrake days and I can't =20
find it in woody using packages.debian.org. There's also a gtk1.2 port =20
of putty (sarge, sid).

Lots of choices. You shouldn't need to write your own version of =20
anything.

--=20
I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.
My key was last signed 10/14/2003. If you use GPG *please* see me about
signing the key. ***** My computer can't give you viruses by email. ***

--Kj7319i9nmIyA2yE
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBAAzP9lHapveKyytERAjBIAKCiKQ8uzTvtam6upAFksTF2FEWSUACgrDYv
AnQ4XFJ1jo2P9BnMaoMVeoM=
=Opvc
-----END PGP SIGNATURE-----

--Kj7319i9nmIyA2yE--