Hi, On Mon, 14 Apr 2008 12:18:06 +1000 "Amos Shapira" <[EMAIL PROTECTED]> wrote:
> Hello, > > I'm setting up a script which uses sftp to manipulate remote files > through ssh. I created a private/public key pair for it without a pass > phrase on it, installed the public key on the remote server and now I > can use both "ssh" and "sftp" to login to it. > > I'd like to restrict this key to be able to use only "sftp" and nothing else. > > According to "man sshd", the "command" option should do that: > > command="command" > Specifies that the command is executed whenever this key is used > for authentication. > ...Note that this option applies to shell, command or subsystem execution. > > So I added a "command="sftp"" to that key's line but this causes the > entire session to abort. When I remove the "command" part I can use > sftp and ssh again. http://troy.jdmz.net/rsync/index.html has an example. from="10.1.1.1",command="/home/remoteuser/cron/validate-rsync" ssh-dss AAAAB3Nza C1kc3MAAAEBAKYJenaYvMG3nHwWxKwlWLjHb77CT2hXwmC8Ap+fG8wjlaY/9t4uA+2qx9JNorgdrWKhH SKHokFFlWRj+qk3q+lGHS+hsXuvta44W0yD0y0sW62wrEVegz+JVmntxeYc0nDz5tVGfZe6ydlgomzj1 bhfdpYe+BAwop8L+EMqKLS4iSacNjoPlHsmqHMnbibn3tBqJEq2QJjEPaiYj1iP5IaCuYBhuTKQGa+oy H3mXEif5CKdsIKBj46B0tCy0/GC7oWcUN92QdLrUyTeRJZsTWsxKpRbMliD2pBh4oyX/aXEf8+HZBrO5 vQjDBCfTFQA+35Xrd3eTVEjkGkncI0SAeUAAAAVAMZSASmQ9Pi38mdm6oiVXD55Kk2rAAABAE/bA402V <SNIP> -- Regards Mick Pollard ( lunix ) ------------------------------------------------ BOFH Excuse of the day: Non-Static Checksum Dereferencing
pgpzCi5UD97zO.pgp
Description: PGP signature
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html