Login without running bash_profile or bashrc

So let's say one typoed something in their .bashrc that prevents him (or her) from logging in via ssh (i.e. the ssh login exits because of the error in the file). Is there any way that person could login without executing it (or .bashrc since the one runs the other), or otherwise delete/rename/invalidate the file?

Suppose you don't have physical access to the machine, and this is the only user account with the ability to ssh in.

For Reference: .bash_profile includes .bashrc:

[[ -f ~/.bashrc ]] && . ~/.bashrc

Edit: Things I have tried:

ssh user@host "rm ~/.bashrc"

scp nothing user@host:/RAID/home/tom/.bashrc

ssh user@host  "/bin/bash --norc"

All give the error:

/RAID/home/tom/.bashrc: line 16: /usr/local/bin/file: No such file or directory
/RAID/home/tom/.bashrc: line 16: exec: /usr/local/bin/file: cannot execute: No such file or directory

Solution 1:

I think your only options are:

• ssh in as another user and su to your account;

• use something like ftp or smbclient, if the relevant services are enabled on the host;

• find an open vulnerability in an open network service and exploit it :).

• get an admin to fix the problem.

Solution 2:

ssh -t username@hostname /bin/sh works for me.

Solution 3:

I've had the same problem, and somehow was able to solve it. I used ssh to access the system, and pressed and held Ctrl+c as soon as I logged into the system. Then, ~/.bashrc was not read, and I was able to modify it.

Solution 4:

You need to a) start bash without source'ing either ~/.bashrc or ~/.bash_profile and b) since such a shell wouldn't be a full login shell / have no tty attached, force ssh to attach a tty:

ssh -t user@host bash --norc --noprofile

Solution 5:

I used a published CVE to execute a command as root through a web interface in a network monitoring software I had installed. rm /RAID/home/tom/.bashrc

Then I could login and svn revert the changes I made.