[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: openssh



Are you sure "command" can do that? man sshd on my system says:
     command="command"
             Specifies that the command is executed whenever this key is
used
             for authentication.  The command supplied by the user (if any)
is
             ignored.
Maybe this is a difference between the linux- and the OpenBSD version
of ssh?

-----Oorspronkelijk bericht-----
Van: Steven [mailto:magusbaal_(_at_)_digitalbastards_(_dot_)_net]
Verzonden: maandag 21 april 2003 23:19
Aan: ports_(_at_)_openbsd_(_dot_)_org; folkert_(_at_)_vanheusden_(_dot_)_com
Onderwerp: RE: openssh


Any reason not to use the ssh keys? You can create password-less keys, and
then limit what commands those keys can run in the
~/.ssh/authorized_keys[1].


[1] My authorized_keys looks like this for password-less keys:
from="host",command="/path/to/some/program" ssh-dss blahblahIma
Keyfingerprintblahblahreallylongblahblah


Perhaps that will help?


--
Steven
"exitus acta probat"
"fide, sed cui vide"

-----Original Message-----
From: owner-ports_(_at_)_openbsd_(_dot_)_org [mailto:owner-ports_(_at_)_openbsd_(_dot_)_org] On Behalf Of
folkert_(_at_)_vanheusden_(_dot_)_com
Sent: Monday, April 21, 2003 2:08 PM
To: ports_(_at_)_openbsd_(_dot_)_org
Subject: openssh


Hi,

Since you all are into porting applications, I guess there's a lot of
knowledge in this group. So that's why I'm asking this question here.
Does anyone know how to start ssh so that I can feed it a password?
Because that way, I could add functionality to multitail that you can also
view logfiles on other machines. A nice option, in my opinion.
Did a strace (or truss) on ssh and I saw that it opens /dev/tty for the
password-question. So I figured I just could create a pseudo-tty "around
it" (with openpty, fork and exec) but that ain't working.
Has anyone a suggestion?


Folkert