Topic: SSH Access For Regular Users?

[Jim Danvers]

Hey all...

Relative newbie to SME.  I have been playing/messing around with linux in general for a year or so though, just not SME.    Anyway...

I just grabbed the v5.6 iso, burned it, and installed it to a pc.  I have many questions, and lots of reading to do, but I will start here:

I do NOT (and understand why) want to enable or even use ftp against the SME box.  I DO want to be able to use SSH so that I can get on it (shell access), and move files on and off of it (SCP) (( I typically use a little thing called WinSCP which is a nice graphical SSH ftp client )).  I turned it on via the server-manager mgmnt interface and it works fine for ADMIN.  It doesn't work for Joe User though....  ;(  I would like it to work for real users on my machine as I create accounts for family/friends, etc.  How can I do this?  Do I need to customize a template or something....

TIA...

-=- jd -=-

[Bill Talcott]

I can login to our SME5.5u3 via SSH with my regular user account from the LAN. Remember that regular users do not by default have access to a regular commandline shell. You probably just need to change the shell setting for the desired user(s).

[Tibor]

http://www.dungog.net/sme/howto/usershell.php

[Jim Danvers]

Hey!  In typical linux / open sourced fashion - a relatively and quick reply!  Thanks guys!  i'll check it out when I get home (@work right now and don't have access to the machine... physical or over the wire)

-=- jd -=-

[Nathan Fowler]

If you want to down/dirty want to do it change /bin/sshell to /bin/bash for the selected user in /etc/passwd.

[Jim Danvers]

Thanks Nate...

I'm certainly not afraid of down -n- dirty (thats mostly how I've been using linux anyway!  lol!!), but from the little bit that I have seen of this product (e-smith), it looks like there are a lot of things that can get 'broken' if one directly dinks with vs. doing it the 'e-smith way' via a custom template or whatever it is.

I guess that until I learn more about this thing, use it more (break it) (( and hopefully, fix it! )), I'm kinda inclined to learn what and why I 'need' to do stuff via the templates method.  If templates and direct dinking don't have any effect on one another - great!  Down -n- dirty!  

Thanks for the feedback...

-=- jd -=-

Nathan Fowler wrote:
>
> If you want to down/dirty want to do it change /bin/sshell to
> /bin/bash for the selected user in /etc/passwd.

[Nathan Fowler]

I'm pretty sure you won't break anything by monkeying with /etc/passwd, I'm not exactly sure that you're changes won't be over-written if you add a new user, I don't know if it operates in append mode (I assume it would) or over-write when adding new users.  Give it a whirl, I've modified /etc/passwd without issue in the past.

[Bill Talcott]

Jim Danvers wrote:
>
> Thanks Nate...
>
> I'm certainly not afraid of down -n- dirty (thats mostly how
> I've been using linux anyway!  lol!!), but from the little
> bit that I have seen of this product (e-smith), it looks like
> there are a lot of things that can get 'broken' if one
> directly dinks with vs. doing it the 'e-smith
> way' via a custom template or whatever it is.
>
> I guess that until I learn more about this thing, use it more
> (break it) (( and hopefully, fix it! )), I'm kinda inclined
> to learn what and why I 'need' to do stuff via the templates
> method.  If templates and direct dinking don't have any
> effect on one another - great!  Down -n- dirty!  
>
> Thanks for the feedback...
>
> -=- jd -=-

FYI, the templates system is relatively simple. For each file, you have a directory containing fragments (header, part 1, part 2, part 3, footer). Rather than editing the third part of the file, you create a custom "part 3" fragment. Or you can add a "part 2.5" if you want to insert something. The system processes and combines all the fragments together (giving preference to the custom ones you've added) to create the file. Once you get used to it, it's a very handy system. If you screw something up, you can just delete your custom fragment(s) and rebuild the file to default...

[Nathan Fowler]

Bill is exactly right, the templating system is definately a strong point in SME/E-Smith.  Once you understand how it works (http://www.e-smith/custom) it's very practical and easy to modify to suit your needs.

I remember the old days of actually having to modify /etc/httpd/conf/httpd.conf by hand.  Templating takes LOADS of work off.  It's a very intelligent and well designed system.

[Dan Brown]

There's no template-related reason not to tinker with /etc/passwd directly, but a very good system-related reason: you could hose the file, possibly preventing any logons at all.  This is why God created the chsh command; search here on "chsh" (without the quotes, and searching all dates) for more info.

[Jim Danvers]

This is all great stuff guys!  Thanks much.  I ~finally~ managed to get back to the house here, got my machines all hooked back up (long story) and am now finally getting on the get caught up and try some of this stuff out.

Someone else left me links and/or mentioned the "chsh" cmd.  That looks like the first one I try.  ( and if all goes well, will be the last one!   )

-=- jd -=-

p.s. - there will likely be some forthcoming questions, that I'm thinking will require some template mod'ing, but we'll cross that bridge when we get there...    ( has to do w/samba, file sharing, and ~me~ deciding, not SME, where I want the directory structure to live - like maybe on another drive added after the initial SME installation... not now though - later.  Change the name or topic of the thread if someone wants to hit this baited hook and run with it though!  lol!! )

Dan Brown wrote:
>
> There's no template-related reason not to tinker with
> /etc/passwd directly, but a very good system-related reason:
> you could hose the file, possibly preventing any logons at
> all.  This is why God created the chsh command; search here
> on "chsh" (without the quotes, and searching all dates) for
> more info.

[Jim Danvers]

***************************************
*  chsh -s /bin/bash username  *
***************************************

Cha-ching!    Works like a champ.  Couldn't be any easier.  

Thanks gents!