On 28/02/2013 15:51, Tony Del Porto wrote:
If you go down the force command route, another trick is to write a script with the set of valid commands, and then use that script as the force command. One benefit is the ability to change the force command without having to edit authorized_keys for every user or sshd_config to make a change to the allowed command.
to add more detail to Tony's reply, there's a shell variable that conveys the original command given to ssh. So you can switch on that and then run the exact command and/or args you want to run.
("The command originally supplied by the client is available in the SSH_ORIGINAL_COMMAND environment variable." says sshd(8).)
James. _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
