execute post ssh login script

**cccccccc** · June 28th, 2008

hellou, i searched google almost 2 hours, but was not able to find a solution for this.
i need to run exact script for each user who will connect to server via ssh. problem is, it can not be in .basrc (for bash for example). Reason is simple: it can be killed/changed... bud the script should be "hidden" and not visible to logged user.
So how would I do that? Thanks and am very curious.

**jpkotta** · June 28th, 2008

Run it from /etc/profile.

Read the INVOCATION section of the bash man page. The shell you get from ssh is a login shell.

**cccccccc** · June 28th, 2008

Originally Posted by jpkotta

Run it from /etc/profile.

Read the INVOCATION section of the bash man page. The shell you get from ssh is a login shell.

Thanks for help, but this almost I was searching for. In your man page, there was options --noprofile (calling directly for shell - I think this is feasible). So I can not use this for security reason, am I right? I thought that when using sftp I am also lost, but I find out, that /etc/bash.bashrc do the trick (althought it will run my secret script for all my console - neinnnn

)
can be --noprofile option called directly with ssh command?

**brian_p** · June 29th, 2008

Originally Posted by cccccccc

hellou, i searched google almost 2 hours, but was not able to find a solution for this.
i need to run exact script for each user who will connect to server via ssh. problem is, it can not be in .basrc (for bash for example). Reason is simple: it can be killed/changed... bud the script should be "hidden" and not visible to logged user.
So how would I do that? Thanks and am very curious.

Install sec. Visit the author's website and read the documentation there. Set up sec to monitor /var/log/auth.log and run your script.

**ghostdog74** · June 29th, 2008

check the man page of sshd. you can use /.ssh/rc or using the example described under AUTHORIZED_KEYS FILE FORMAT in the man page.

**cccccccc** · June 29th, 2008

Originally Posted by ghostdog74

check the man page of sshd. you can use /.ssh/rc or using the example described under AUTHORIZED_KEYS FILE FORMAT in the man page.

thanks all. yes I found ssh/rc too, it doesn't cover sftp connections, very sad. but I will have a look at your second advice.
still, can anybody answer my question, if it is possible to make command like: ssh user@server.com /bin/bash --noprofile --norc? I saw it somewhere, but it doesn't work for me. if this doesn't work, I could use /etc/bash.bashrc for certain user with if... condition (the monitored one)