there are many solutions described to get ur SSH-connection forced to only run SFTP by modifying the sshd_config by adding a new group match and give that new group a Forcecommand internal-sftp

Well that works great but i would love to have a little more feature.

My servers automatically ban IP's which try to connect often in a short time. So when you use any SFTP-Client, which opens multiple connections to work faster it can get banned instandly by the server for a long time.

The servers have a script to whitelist users by administrator. I've modified this script to whitelist the user, which runs the script.

All i need to do is now get the server to execute that script, when somebody logins. On SSH it's no problem, just put it in .bashrc or something like, but the Forcecommand don't runs these scripts on login.

Is there any way to run such a shellscript before or at the same time as the Forcecommand get fired?