1

I'm running a small script when a user accesses my Linux host via SSH. This script should verify and/or set up Google Authenticator MFA access for the user.

Right now it works as intended with one caveat - at any moment during the MFA configuration process, if the user (ie) CTRL+C's, the setup wizard is interrupted, but the SSH session continues. I need it to log out the user trying to access.

How can I achieve this?

This is what I have added at the bottom of my .bashrc file (please note that this is very new to me and that I'm open to criticism/improvements on my current attempt).

# MFA validation/configuration if [[ -n $SSH_CONNECTION ]] ; then echo "SSH connection to remote host successful." echo "testing if MFA is configured..." # is this test enough? file="$HOME/.google_authenticator" if [ -f "$file" ] ; then printf "MFA configured, you may proceed.\n" else printf "MFA not configured; running setup wizard.\n" # the command runs, but the else bit is never reached if google-authenticator ; then # I reach this point if I go to the end of the wizard echo "MFA setup successful" else # this point is never reached echo "MFA setup failed - logging you out" exit fi fi fi
Improve this question

1 Answer 1

Reset to default
3

You can add line 

trap '' 2

at start of you script to disable CTRL+C and 

trap 2

in end to enable CTRL+C functional.

This will prevent user from brake you script execution.

Note that this should be added to /etc/bashrc, making it system wide and not user-modifiable

https://www.cyberciti.biz/faq/unix-linux-shell-scripting-disable-controlc/

Improve this answer
0

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.