Tunnel-only SSH keys

From: markzero (mark_at_darklogik.org)
Date: 09/22/05

Next message: Jeremie Le Hen: "Re: Tunnel-only SSH keys"

Previous message: Simon L. Nielsen: "Re: Mounting filesystems with "noexec""
Next in thread: Jeremie Le Hen: "Re: Tunnel-only SSH keys"
Reply: Jeremie Le Hen: "Re: Tunnel-only SSH keys"
Reply: David Wolfskill: "Re: Tunnel-only SSH keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Sep 2005 16:27:18 +0100
To: freebsd-security@freebsd.org

Hello.

I once read somewhere that it's possible to limit SSH pubkeys to
'tunnel-only'. I can't seem to find any information about this
in any of the usual places.

I'm going to be deploying a few servers in a couple of days and
I'd like them to log to a central server over an SSH tunnel (using
syslog-ng) however I'd like to prevent actual logins (hence
'tunnel-only').

Can this be done with OpenSSH? I'd like to try and stay away from
the complexities of a chrooted-stunnel for now...

cheers,
M

-- 
pgp: http://www.darklogik.org/pub/pgp/pgp.txt
0160 A46A 9A48 D3B0 C92F B690 17FB 4B72 0207 ED43

application/pgp-signature attachment: stored

Next message: Jeremie Le Hen: "Re: Tunnel-only SSH keys"

Previous message: Simon L. Nielsen: "Re: Mounting filesystems with "noexec""
Next in thread: Jeremie Le Hen: "Re: Tunnel-only SSH keys"
Reply: Jeremie Le Hen: "Re: Tunnel-only SSH keys"
Reply: David Wolfskill: "Re: Tunnel-only SSH keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]