How to use "from=" with "command=" ???

From: Joe Harrison (qwertasdf@teamware.co.uk)
Date: 07/24/02


From: "Joe Harrison" <qwertasdf@teamware.co.uk>
Date: Wed, 24 Jul 2002 14:54:21 +0100

My authorized_keys file syntax is being rejected even though I'm sure it's
legal. If anyone can help with this I would be extremely grateful, going
round in circles here.

I'm trying to set up an account on a Solaris 8 server that requires RSA
key-based login; I want to restrict the account to the execution of one
single command, and allow login only from one single TCP/IP address. (This
is because I want the login to be cron-automated on the client, which means
having no passphrase on the key, which means I'm extra nervous.)

I can use "command=" in the authorized_keys file to restrict the command,
this works fine. I can also use "from=" to restrict the originating address,
this also works. But how do I get *both* these conditions to operate? If I
specify *both* the "from=" and "command=" fields then I get "non ssh1 key
syntax" even though I configured it exactly according to the sshd man page.

If authorized_keys looks like this:
----------------------------------
from="10.142.125.64", command="rsync --server --sender -vlogDtprz . testzz",
no-pty,no-port-forwarding,no-X11-forwarding,
no-agent-forwarding, 1023 37 [blah blah numbers] rsync file mirroring
----------------------------------
(linebreaks inserted for readability)

Then this happens:
----------------------------------
Failed rsa for rsync from 10.142.125.64 port 32817
debug1: temporarily_use_uid: 140/101 (e=0)
debug1: trying public RSA key file /home/rsync/.ssh/authorized_keys
debug1: /home/rsync/.ssh/authorized_keys, line 1: non ssh1 key syntax
debug1: restore_uid
Failed rsa for rsync from 10.142.125.64 port 32817
debug1: rcvd SSH_CMSG_AUTH_TIS
Failed challenge-response for rsync from 10.142.125.64 port 32817
Connection closed by 10.142.125.64

----------------------------------

This is OpenSSH 3.4p1, I'm using SSH1 protocol out of habit but would be
prepared to try SSH2 if it might resolve my problem.

TIA
Joe
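
Added example, not part of the original post: sshd(8) states that the options field is comma-separated and that no spaces are permitted except within double quotes. The Python check below applies that rule to the line quoted above, assuming the spaces after the commas are present in the real file; the function names and the stand-in key digits are constructed for illustration.

```python
"""Check the options field of an authorized_keys line for unquoted whitespace."""

KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")  # protocol 2 key type names


def looks_like_key_start(token):
    # Protocol 1 keys begin with the modulus size in decimal (e.g. 1023).
    return token.isdigit() or token.startswith(KEY_PREFIXES)


def split_options(line):
    """Return (options, rest); options end at the first space/tab outside quotes."""
    line = line.strip()
    first = line.split(None, 1)[0] if line else ""
    if looks_like_key_start(first):
        return "", line                      # no options field on this line
    quoted, i = False, 0
    while i < len(line) and (quoted or line[i] not in " \t"):
        if line[i] == "\\" and line[i + 1:i + 2] == '"':
            i += 1                           # escaped quote inside a value
        elif line[i] == '"':
            quoted = not quoted
        i += 1
    return line[:i], line[i:].lstrip()


def check_line(line):
    """Return a list of problems found in one authorized_keys line."""
    if not line.strip() or line.lstrip().startswith("#"):
        return []                            # blank line or comment
    options, rest = split_options(line)
    problems = []
    if options.endswith(","):
        problems.append("options field ends in ',': whitespace cut it short")
    token = rest.split(None, 1)[0] if rest else ""
    if not looks_like_key_start(token):
        problems.append(f"expected a key after the options, found {token!r}")
    return problems


# Constructed samples: the poster's line joined onto one line, with placeholder
# digits standing in for the elided modulus.
OPTS = ('from="10.142.125.64",', 'command="rsync --server --sender -vlogDtprz . testzz",',
        "no-pty,no-port-forwarding,no-X11-forwarding,", "no-agent-forwarding")
KEY = "1023 37 1234567890 rsync file mirroring"
AS_POSTED = " ".join(OPTS) + ", " + KEY      # space after the commas
NO_SPACES = "".join(OPTS) + " " + KEY        # single space, before the key only

if __name__ == "__main__":
    for name, line in (("as posted", AS_POSTED), ("no spaces", NO_SPACES)):
        print(name, "->", check_line(line) or "ok")
```
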


