Send Shell commands without interactive shell

[leandrorius]

Hi there!

I'm planning to create a PHP web tool that helps to administrate remote Unix servers, doing functions like reset users password, get system information, and so on.
To do so, my web tool have to make a SSH connection to the remote server and send some shell commands, so I need to have a user for my application with the appropriate privileges on the remote servers. That's ok so far.
The problem is: In my company, there's a lot of Security Policies for servers, and one of them is: the applications users must not have valid shell on Unix systems , i.e. the shell must be "/dev/null".
And as far as I know, I can't logon in a remote server using the ssh2_connect function if the user doesn't have a valid shell.
I'm trying to figure out a better way to work around this, but I have no clue so far.

Does anyone have some ideas?

Thanks!

[egami]

Not possible. If there isn't a shell, there isn't a shell. And giving the WWW user administrative privis on any of your boxes is a 100% idiotic move, especially an Internet facing facility.

Even sudo would be a dumb move.


But, I'm not one to judge, so if you want it to even have any kind of possibility, you're going to have to look into sudo and user nobody, or user apache. But if your site is "hosted" on a providers box, then you have absolutely no chance in hell in getting this to work.


Good luck.