0

Problem

Multiple engineers are using same machine with same loginuser and history gets loaded with others' people commands.

Update: People login via private ssh keys (pub added/removed via trustedhosr). Admin user is only one and we cannot add more.

  • Connecting via ssh using ssh key as regular user ssh -t loginuser@some-hostname
  • Running SOME-HOSTNAME loginuser ~ ❯ su adminuser
  • Runing various commands and history gets filled
Improve this question
0

1 Answer 1

Reset to default
0

Solution

  • Create personal .bashrc file and set personal HISTFILE path.
  • Use customized ssh command

Steps

Prepare Personal .bashrc

mkdir /home/adminuser/bash_rc/ 
mkdir /home/adminuser/bash_histories/

Create/Edit File

nano /home/adminuser/bash_rc/.bashrc_vladimir
Add Content and Save
# .bashrc
# User specific environment
PATH="$HOME/.local/bin:$HOME/bin:$PATH"
export PATH

HISTFILE=$HOME/bash_histories/vladimir/.bash_history
export HISTFILE

# User specific aliases and functions
PS1="\[\033[01;31m\]VLADIMIR@SOME-HOSTNAME \[\033[01;32m\]\u \[\033[01;34m\]\W \[\033[01;35m\]>\[\033[00m\] "

Run custom ssh command

ssh -t loginuser@SOME-HOSTNAME 'su - adminuser --session-command "bash --rcfile /home/adminuser/bash_rc/.bashrc_vladimir"'
  • ssh -t Force pseudo-terminal allocation.
  • su - adminuser --session-command any command, here bash is used
  • bash --rcfile /home/adminuser/bash_rc/.bashrc_vladimir" tell bash to use personal .bashrc file
Improve this answer
6
  • 1
    use sudo -u adminuser, and connect each sysadmin to his dedicated account! So you will be able to deluser simply, when required! Commented Nov 1, 2024 at 9:47
  • @F.Hauri-GiveUpGitHub we are sharing one user unfortunately... (Don't ask) Will update my question with this info. Thanks! Commented Nov 1, 2024 at 18:54
  • 1
    How do you prevent someone else using .bashrc_vladimir ? Commented Nov 1, 2024 at 20:07
  • Use only 1 account to be shared, but through sudo! Add one user account for EACH remote sysadmin access to NOT be shared!! ( Keep in mind, the financial cost for 1 user account is alway the same, regarding licensing too! ;-) In other word: Don't do this! Commented Nov 1, 2024 at 20:40
  • @Philippe it is not about preventing. I personally don't care and I find this useful. I am looking forward to see other answers that can be useful as well. Thanks Commented Nov 2, 2024 at 10:47

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.