rsync, passwords and getting my logs
Bob Bell
bbell at hp.com
Tue Jun 3 10:26:17 EDT 2003
On Tue, Jun 03, 2003 at 09:50:51AM -0400, bscott at ntisys.com <bscott at ntisys.com> wrote:
> On Tue, 3 Jun 2003, at 8:56am, bbell at hp.com wrote:
> >> For best results, use a dedicated account, and restrict the commands that
> >> can be run in the SSH authorized_keys file.
> >
> > Are you saying that you can limit the commands by some special
> > configuration of the authorized_keys file? If so, please say more.
>
> Pretty much. You add an option like
>
> command=foo
>
> at the start of the line of the key in question. That will force that
> command to execute every time the corresponding key is used to authenticate.
>
> > There's no authorized_keys man page, and it's not immediately obvious from
> > the format of authorized_keys, but I'm interested.
>
> authorized_keys is documented in the OpenSSH sshd(8) man page.
Thanks, this is very useful, including the other documented options
as well. I'm off to lock down some of my ssh setup even tighter.
--
Bob Bell <bbell at hp.com>
-------------------------------------------------------------------------
"Software gets slower faster than hardware gets faster!"
-- "Wirth's Law" - Niklaus Wirth, famous computer scientist
More information about the gnhlug-discuss
mailing list