HPE Community
Operating System - HP-UX
1751694 Members
5078 Online
108781 Solutions
New Discussion юеВ

Re: SSH question

 
SOLVED
Go to solution
Dennis Handly
Acclaimed Contributor

тАО11-05-2008 03:27 AM

тАО11-05-2008 03:27 AM

Re: SSH question

>deleted the last 3 vt lines, and now instead i get this on my prompt at login:

You are either editing it incorrectly in vi or it gets destroyed later.
Can you use more(1) or cat(1) on the file after you edit it?

>How can i get my command prompt to simply return # at login in as before!

You can't until you figure out .profile is being corrupted.

The simple way is to copy Torsten's /usr/newconfig/.profile to root's and make NO changes in it at all.

Try logging in and see if bad.
If not bad, it was vi. If bad, you might need to use tusc or turn on auditing to catch the hacker.
Reply
de049
Advisor

тАО11-05-2008 06:05 AM

тАО11-05-2008 06:05 AM

Re: SSH question

Dear all,

i was really pleased with the help received yesterday, and although i still believe this can be resolved, i am now in a little trouble after folloiwng your advice.

BAsically, i did everything as advised and now i keep gettting this problem at login. I cannot use a new profile as this existing one contains extra parameters compared to that in the newconmfig folder. I never mentioned that this server hosts one of our management systems and thus i am wary of manipulating its root profile too much.

Last thing i need is to kill the root account on this machine.

Cannot someone advise by looking at the code i pasted from my .profile file?

The vt entries i erased are gone now, but i still get this message appearing on my command prompt at login.

please help
0 Kudos
Reply
de049
Advisor

тАО11-05-2008 06:40 AM

тАО11-05-2008 06:40 AM

Re: SSH question

Please find below the existing .profile and the .profile found in the /usr/newconfig/ folder.

Maybe someone can help.

1. Current:
# @(#)B.11.11_LR

# Default (example of) super-user's .profile file


# Do not put "." in PATH; it is a potential security breach.
# Example assumes /home/root exists.

PATH=/usr/sbin:$PATH:/sbin:/home/root
if [ ! "$VUE" ]; then

# Set up the terminal:
if [ "$TERM" = "" ]
then
eval ` tset -s -Q -m ':?hp' `
else
eval ` tset -s -Q `
fi
stty erase "^H" kill "^U" intr "^C" eof "^D"
stty hupcl ixon ixoff
tabs

echo
echo "Value of TERM has been set to \"$TERM\". "
export TERM

EDITOR=vi
export EDITOR

fi # if !VUE


# Set up shell environment:

set -u # error if undefined variable.
trap "echo 'logout root'" 0 # what to do on exit.


# Set up shell variables:

MAIL=/var/mail/root
# don't export, so only login shell checks.

echo "WARNING: YOU ARE SUPERUSER !!\n"
# Inserted by MV38 installation
export MV38=/opt/mv38/MV38v11.3.1



2. copy in usr/Newconfig/:
# @(#)B.11.11_LR

# Default (example of) super-user's .profile file


# Do not put "." in PATH; it is a potential security breach.
# Do not put "/usr/local/bin" in PATH; it is a potential security breach.
# Example assumes /home/root exists.
set +u

PATH=/usr/sbin:$PATH:/sbin:/home/root

# Be sure that VUE does not invoke tty commands

if [ ! "$VUE" ]; then

# Set up the terminal:
if [ "$TERM" = "" ]
then
eval ` tset -s -Q -m ':?hp' `
else
eval ` tset -s -Q `
fi
stty erase "^H" kill "^U" intr "^C" eof "^D"
stty hupcl ixon ixoff
tabs

echo
echo "Value of TERM has been set to \"$TERM\". "
export TERM

EDITOR=vi
export EDITOR

fi # if !VUE


# Set up shell environment:

set -u # error if undefined variable.
trap "echo 'logout root'" 0 # what to do on exit.


# Set up shell variables:

MAIL=/var/mail/root
# don't export, so only login shell checks.

echo "WARNING: YOU ARE SUPERUSER !!\n"



Hope this clears things a little. I think it all started failing after running the "echo vt100 >> ~/.profile" command.

even after i ran the above echo command, if i do an "echo $TERM", i get this : vt220
0 Kudos
Reply
Torsten.
Acclaimed Contributor

тАО11-05-2008 06:55 AM

тАО11-05-2008 06:55 AM

Re: SSH question

Both files look very much the same exept the last line

# Inserted by MV38 installation
export MV38=/opt/mv38/MV38v11.3.1

You may have by chance any unprintable chars in this file, so I would suggest to save the current file, copy the fresh file into position and add the line from above.

BTW
"echo $TERM" should always print the value that is negotiated between the terminal and the system, this is the way it works.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Reply
de049
Advisor

тАО11-05-2008 07:01 AM

тАО11-05-2008 07:01 AM

Re: SSH question

ok, so how do you recommend i copy the newer file over.

where do i copy it to? it may be a silly question but i need to get this 110% right else i'll get fired :)
0 Kudos
Reply
Torsten.
Acclaimed Contributor

тАО11-05-2008 07:25 AM

тАО11-05-2008 07:25 AM

Re: SSH question

First find out where your home dir is. Usually directly in /, but sometimes it is configured to be in /root or anything.

# echo $HOME
/

# grep root /etc/passwd
root:1p2p3p4p:0:3::/:/sbin/sh

For me it is directly in / (root).

How about owner and permissions?

# ll /.profile
-r--r--r-- 1 bin bin 965 Nov 14 2000 .profile

Now move it away

# mv /.profile /myoldprofile

Bring the fresh copy into place

# cp -p /usr/newconfig/.profile /

Check file, owner and perms

# ll /.profile
-r--r--r-- 1 bin bin 965 Nov 14 2000 /.profile

Now add your custom line via vi:

# vi /.profile

(input and G)
(input and A)
(input )
(now type your line)

(type : wq! )

Now keep in this session (!!), use telnet and open a new session to check.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Reply
de049
Advisor

тАО11-06-2008 12:49 AM

тАО11-06-2008 12:49 AM

Re: SSH question

Hi, i am going to follow your recommendations now, but i'm confused with the following instructions:

(input and G)
(input and A)
(input )
(now type your line)

I assume its just a ay of setting the cursor focus within vi to the last section of the file?

Please explain what these commands will do and if the commands are actually pressing SHIFT and letter G simultaneously whilst in vi. Sorry, i'm not a unix whiz, but thanks to you guys i might become one soon :)

thanks guys
0 Kudos
Reply
Danny Petterson - DK
Trusted Contributor

тАО11-06-2008 12:59 AM

тАО11-06-2008 12:59 AM

Re: SSH question

(input and G)
(input and A)
(input )
(now type your line)

Hi!

Pretty sure its:
First:
vi .profile

Then:
SHIFT+g (at the same time - sends you to the end of the file)
SKIFT+A (Appends text in the end of the file)
press ENTER (goes to the next line)

Now:
Enter your line

And:
Press ESC
Type :wq! (all four characters - means write and quit now)

That should be sufficent explanation?

Good luck
Yours
Danny
Reply
de049
Advisor

тАО11-06-2008 01:04 AM

тАО11-06-2008 01:04 AM

Re: SSH question

Danny,

thats smashing! :)

Will update with findings shortly.
0 Kudos
Reply
de049
Advisor

тАО11-06-2008 02:23 AM

тАО11-06-2008 02:23 AM

Re: SSH question

ok,

done changes as advised. All looks nice and clean.

however, i still get this when i log into another session via telnet.

# RNING: YOU ARE SUPERUSER !!"vt220".

Here's the new, fresh .profile file. Looks like this is NOT where the problem lies.

I have just tried via PUTTY and its all ok.

Looks like the Reflections software client i am using is playing around.

Guys, let me not waste any more of your time on this.

Thanks a million to all invloved for a great support and eductaional session at the same time.

;-)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.