get logged in username
Hi,

How can I get the logged in username under remote command execution? I
am using openssh version 4.0 under fedora core 4.

more explanation:
when I do "ssh admin@host", I can get the username "admin", by the
command "who -m", since there is tty which the username is assigned to
it. But suppose I want to execute a remote command "ssh admin@host
myprog", I want to get the username inside the myprog. The command
"who -m", doesn't work because no tty is created for the user.
How can I get the username in this case?

Regards,
--
__ \ /_\\_-//_ Mohsen Alimomeni
RE: get logged in username
Do you have whoami available? If not try creating a temp file and then
using ls to examine who owns it. Then delete it when you're done.

> -----Original Message-----
> From: listbounce@securityfocus.com
> [mailto:listbounce@securityfocus.com] On Behalf Of Mohsen Alimomeni
> Sent: Thursday, September 17, 2009 2:45 AM
> To: secureshell@securityfocus.com
> Subject: get logged in username
>
> Hi,
>
> How can I get the logged in username under remote command execution? I
> am using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?
>
> Regards,
> --
> __ \ /_\\_-//_ Mohsen Alimomeni
>
Re: get logged in username
In the last episode (Sep 17), Mohsen Alimomeni said:
> How can I get the logged in username under remote command execution? I am
> using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?

Try "whoami", or "id -un". Your system may also store the username for you
in the USER or LOGNAME environment variables.

--
Dan Nelson
dnelson@allantgroup.com
Re: get logged in username
On Thursday 17 September 2009 02:15:12 Mohsen Alimomeni wrote:
> Hi,
>
> How can I get the logged in username under remote command execution? I
> am using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?
>

You are right, and this is because common programs don't log in. However, for
logs about ssh, check on /var/log/secure.... And, for running things,
"ps -edalf" or "ps axu" or "pstree -u".

> Regards,
> --
> __ \ /_\\_-//_ Mohsen Alimomeni
>

And one more thing off topic. Fedora 4 is outdated, vulnerable and is not
releasing updates anymore, not even critical updates. If you are not using
this server for penetration testing lab purposes, I strongly recommend you
install the latest version.

--
Ing. Aaron G. Mizrachi P.

http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1
Re: get logged in username
On Thu, Sep 17, 2009 at 11:15:12AM +0430, Mohsen Alimomeni wrote:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it.

You also know it's "admin" because you typed "admin" in the ssh command.
Don't be too quick to discount client-side knowledge... though clearly
it's up to you to determine whether the client can be trusted.

> But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.

You could create a pseudoterminal by running "ssh -t admin@host myprog"
but I suspect this is a red herring. I think what you're really asking
is "How does a program determine the name of {a,the} user that maps to
the program's {effective,real} UID, apart from running some shell command
like 'whoami'?".

> How can I get the username in this case?

If myprog has access to libc, and host is a Unix-like system, then I
believe the standard approach is:

1) Call geteuid() to get the effective UID, or getuid() to get the "real"
UID -- whichever you actually want.

2) Call getpwuid() to map the UID to a human-readable name.

This really has nothing to do with ssh per se. It's just standard
Unix/libc programming.
Re: get logged in username
You'll need to get the owner of the running process which should be your
'admin' in this case.

If you're using a bash script, you could use "id", which will return
information about the user, like groups and uid. id -u returns my
userid, id -un returns my username. (GNU Coreutils 6.10)

If you're using another script, Python, PHP and Perl have built-in
functions to obtain the current user.

If you are working in C, this might help you.
(Disclaimer: I'm not a C programmer)
http://www.gnu.org/software/libc/manual/html_node/Users-and-Groups.html#Users-and-Groups

Good Luck
~k

On Thu, 2009-09-17 at 11:15 +0430, Mohsen Alimomeni wrote:
> Hi,
>
> How can I get the logged in username under remote command execution? I
> am using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?
>
> Regards,
> --
> __ \ /_\\_-//_ Mohsen Alimomeni
Re: get logged in username
Mohsen Alimomeni wrote:
> Hi,
>
> How can I get the logged in username under remote command execution? I
> am using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?
>
> Regards,
> --
> __ \ /_\\_-//_ Mohsen Alimomeni
>

If all you need is a tty to get 'who -m' to work, why not use 'ssh -tt
admin@host' to allocate a tty to the session?

--
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott@gmail.com> */
Re: get logged in username
Hi, Thanks for reply,

This is the exact scenario:
When I use the command "ssh admin@host", the user is authenticated by
a custom Pam module, and it's given the UID, GID and shell from a
custom nss module. The shell is also a custom CLI, which needs the
username - not the UID - to operate well. I can't get the username
from UID since there is no one-to-one correspondence between them.
Also the commands: who, id and .. don't give me the username, since
there is no tty for the session.

Regards,
Mohsen

On Thu, Sep 17, 2009 at 9:28 PM, Schaff Mark-C00070
<mark.schaff@motorola.com> wrote:
> What are you trying to do? Need information.
>
> Thank you
>
> Mark Schaff
> Sent from my mobile
>
> -----Original Message-----
> From: Mohsen Alimomeni <m.alimomeni@gmail.com>
> Sent: Thursday, September 17, 2009 12:18 PM
> To: secureshell@securityfocus.com <secureshell@securityfocus.com>
> Subject: get logged in username
>
> Hi,
>
> How can I get the logged in username under remote command execution? I
> am using openssh version 4.0 under fedora core 4.
>
> more explanation:
> when I do "ssh admin@host", I can get the username "admin", by the
> command "who -m", since there is tty which the username is assigned to
> it. But suppose I want to execute a remote command "ssh admin@host
> myprog", I want to get the username inside the myprog. The command
> "who -m", doesn't work because no tty is created for the user.
> How can I get the username in this case?
>
> Regards,
> --
> __ \ /_\\_-//_ Mohsen Alimomeni
>



--
__ \ /_\\_-//_ Mohsen Alimomeni
Re: get logged in username
On Sat, Sep 19, 2009 at 12:35:44PM +0430, Mohsen Alimomeni wrote:
> This is the exact scenario:
> When I use the command "ssh admin@host", the user is authenticated by
> a custom Pam module, and it's given the UID, GID and shell from a
> custom nss module. The shell is also a custom CLI, which needs the
> username - not the UID - to operate well.

This is a fine example of why usernames and UIDs should always have a
1-to-1 correspondence. As far as the OS is concerned, the UID is what
identifies a user uniquely, not its username. Also, you've reduced
the accountability of your system: for example, if user "foo" and
user "bar" both have UID 1234, then when bar creates a file, it will
appear to have been created by foo (assuming foo appears first in
/etc/passwd, or is returned first in whatever mechanism your system
uses to look up UIDs and usernames). Likewise, when user bar does
something that normally gets logged, it will be logged under user foo
(given the same conditions).

This is, in general, bad. You likely may encounter other things which
break subtly, or not so subtly. I don't know what problem you're
trying to solve by doing this, but there's probably a better way.

--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
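
The lookups suggested in the replies above (geteuid() with getpwuid(), plus the LOGNAME variable), combined so that they still give the right name when several names share one UID. This is an added example, not code from the thread; `resolve_login_name` is a hypothetical helper, and it assumes the login path exports LOGNAME into the program's environment.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Resolve the login name for `uid` (hypothetical helper).
 * `claimed` is an untrusted hint such as LOGNAME. It is accepted only if the
 * user database maps that name to `uid`. Otherwise fall back to getpwuid_r(),
 * which yields only the first name found when several names share the UID.
 * Returns 1 if the claim was verified, 0 if the fallback was used, -1 if
 * no entry exists. Note: any name sharing the UID passes the check. */
int resolve_login_name(const char *claimed, uid_t uid, char *out, size_t n)
{
    struct passwd pw, *res = NULL;
    char buf[4096];   /* scratch space for the _r lookups; assumed sufficient */

    if (claimed && *claimed &&
        getpwnam_r(claimed, &pw, buf, sizeof buf, &res) == 0 && res &&
        res->pw_uid == uid) {
        snprintf(out, n, "%s", res->pw_name);
        return 1;
    }
    res = NULL;
    if (getpwuid_r(uid, &pw, buf, sizeof buf, &res) == 0 && res) {
        snprintf(out, n, "%s", res->pw_name);
        return 0;
    }
    return -1;
}

int main(void)
{
    char name[256];
    int rc = resolve_login_name(getenv("LOGNAME"), geteuid(), name, sizeof name);

    if (rc < 0) {
        fprintf(stderr, "no passwd entry for uid %lu\n", (unsigned long)geteuid());
        return 1;
    }
    printf("%s (%s)\n", name,
           rc ? "LOGNAME verified against UID" : "first name for UID");
    return 0;
}
```

The check proves only that the claimed name is one of the names mapped to the process UID; it cannot tell apart two users who share that UID, which is the accountability gap described in the message above.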
Re: get logged in username
Thanks for all replies, I could solve the problem.

About the last comment, you are right. In my config, usernames and
UIDs have a 1-to-1 correspondence in /etc/passwd. But I use a custom
pam, nss module which have several users with the same UID, equal to a
user in passwd. These users are not allowed to create files or things
making trouble. A custom shell is assigned to them, which doesn't
allow most of these things.

Thanks everybody.
Mohsen

On Wed, Sep 23, 2009 at 12:14 AM, Derek Martin <code@pizzashack.org> wrote:
> On Sat, Sep 19, 2009 at 12:35:44PM +0430, Mohsen Alimomeni wrote:
>> This is the exact scenario:
>> When I use the command "ssh admin@host", the user is authenticated by
>> a custom Pam module, and it's given the UID, GID and shell from a
>> custom nss module. The shell is also a custom CLI, which needs the
>> username - not the UID - to operate well.
>
> This is a fine example of why usernames and UIDs should always have a
> 1-to-1 correspondence.  As far as the OS is concerned, the UID is what
> identifies a user uniquely, not its username.  Also, you've reduced
> the accountability of your system: for example, if user "foo" and
> user "bar" both have UID 1234, then when bar creates a file, it will
> appear to have been created by foo (assuming foo appears first in
> /etc/passwd, or is returned first in whatever mechanism your system
> uses to look up UIDs and usernames).  Likewise, when user bar does
> something that normally gets logged, it will be logged under user foo
> (given the same conditions).
>
> This is, in general, bad.  You likely may encounter other things which
> break subtly, or not so subtly.  I don't know what problem you're
> trying to solve by doing this, but there's probably a better way.
>
> --
> Derek D. Martin
> http://www.pizzashack.org/
> GPG Key ID: 0x81CFE75D
>
>



--
__ \ /_\\_-//_ Mohsen Alimomeni