I'm planning to create a PHP web tool that helps to administrate remote Unix servers, doing functions like reset users password, get system information, and so on.
To do so, my web tool have to make a SSH connection to the remote server and send some shell commands, so I need to have a user for my application with the appropriate privileges on the remote servers. That's ok so far.
The problem is: In my company, there's a lot of Security Policies for servers, and one of them is: the applications users must not have valid shell on Unix systems , i.e. the shell must be "/dev/null".
And as far as I know, I can't logon in a remote server using the ssh2_connect function if the user doesn't have a valid shell.
I'm trying to figure out a better way to work around this, but I have no clue so far.
Does anyone have some ideas?