diff --git a/README.md b/README.md
index fbc1bc0..379ad3e 100644
--- a/README.md
+++ b/README.md
@@ -50,9 +50,10 @@ $ cd /tmp/busybox-1.22.0
 $ file busybox
 busybox: ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), statically linked,
 for GNU/Linux 3.7.0, BuildID[sha1]=c9e20e9849ed0ca3c2bd058427ac31a27c008efe, stripped
-$ tar cf breakglass.tar busybox
+$ ln -s busybox sh
+$ tar cf breakglass.tar --dereference sh
 $ scp breakglass.tar gokrazy:
-$ ssh gokrazy -t ./busybox sh
+$ ssh gokrazy
 /tmp/breakglass564067692 # df -h
 Filesystem                Size      Used Available Use% Mounted on
 /dev/root                60.5M     60.5M         0 100% /
@@ -60,4 +61,4 @@ devtmpfs                445.3M         0    445.3M   0% /dev
 tmpfs                    50.0M      1.8M     48.2M   4% /tmp
 tmpfs                     1.0M      8.0K   1016.0K   1% /etc
 /dev/mmcblk0p4           28.2G     44.1M     26.7G   0% /perm
-```
\ No newline at end of file
+```
diff --git a/ssh.go b/ssh.go
index 4253934..efad8fe 100644
--- a/ssh.go
+++ b/ssh.go
@@ -106,10 +106,8 @@ func (s *session) request(req *ssh.Request) error {
 		s.env = append(s.env, fmt.Sprintf("%s=%s", name, value))
 
 	case "shell":
-		// as per https://tools.ietf.org/html/rfc4254#section-6.5,
-		// shell requests don’t carry a payload, and we don’t have a
-		// default shell, so decline the request
-		return fmt.Errorf("shell requests unsupported, use exec")
+		req.Payload = []byte("\x00\x00\x00\x00sh")
+		fallthrough
 
 	case "exec":
 		if got, want := len(req.Payload), 4; got < want {