Introduction
This is a simple application that is run each and every time a user logs into the local NT machine, once run the SecureShell application determines the user and then runs the appropriate shell for that user. This can be used to ensure users on a particular machine use the specified shell. The reason for this application came up when a set of users at work were required to use a simple secure shell on public accessable machines, while other (read Administrators) were allowed the normal shell priviledges. This application provides such a solution!
This application only is really useful if you want to either force users on a particular machine to use a defined shell. A small known fact is that a user defined shell can be easily setup on a per-user basis by adding the 'shell' registry string under "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon". Using this key allows users to run their own custom shells. For some circumstances this is a great method, the problem lies in the fact that since the key lies in the users own registry hive they own it - and can therefore change the shell setting if they have the ability to get to the registry. Using the SecureShell application system administrators can secure the HKEY_LOCAL_MACHINE registry to prevent users from altering the shell to be run.
This program is freeware. As such, we give no warranty to its accuracy, fitness for any particular use, effects of use, or reliability. It may be freely distributed, although it must be distributed with all original files in their original format intact. Please contact Mobiusware with questions, comments, bug-reports or any updates you would like made to the program.
Installation
Just copy SecureShell.exe to the %SYSTEMROOT%\System32 directory. Then run:
SecureShell -i
SecureShell options are as follows:
| Parameter | Description |
| -i or -I | Installs the SecureShell for system |
| -r or -R | Remove SecureShell from system |
| -h or -H | Describes the available Help |
The SecureShell defines a default user and allows that default to be overriden for specific users. By default the "DefaultUser" is set to be the default NT shell program "userinit.exe".
To add new users to the shell add a key under the "SecureShell\Users" registry key. Once this key has been added you need to configure both the manatory options "ShellName" and "Options" values to the user. All of the SecureShell options are described by the table below:
| Option | Description | |||||||||||||||
| ShellName | The full path of the shell to be used for the selected user. | |||||||||||||||
| Options | The following options are available:
|
|||||||||||||||
| WorkingPath | Working path of the application to be run as the shell. | |||||||||||||||
| SleepTime | Desired Sleep time before running the application. This is useful if a delay is required to guarantee machine resources are available before running the application. |
SecureShell has been developed and tested on NT 4.0 (SP4) and requires no additional runtime DLLs.
Screenshot
SecureShell is not a graphical application and does not currently have a graphical configuration tool. If someone wants such a tool please e-mail us!
- SecShell only determines the required user shell based on the user name. A latter enhancement could also determine the shell based off both the user name and the domain.
- None.
History
Febuary or March 1999 Release 1.0.0.4
Public release.
September 19 1997 Release 1.0.0.3
Internal release.
Release 1.0.0.0 --> 1.0.0.02
Interim development private releases.