Re: Restricting SSH file transfers

From: Thomas Binder (gryf+usenet_at_hrzpub.tu-darmstadt.de)
Date: 08/20/03

• Next message: Brian Pence: "Re: Search a Windows SSH client with range limitation !"
• Previous message: Richard E. Silverman: "Re: Openssh 3.6.1p2 on AIX 5.2 Connection closed ..."
• In reply to: Richard E. Silverman: "Re: Restricting SSH file transfers"
• Next in thread: Darren Tucker: "Re: Restricting SSH file transfers"
• Reply: Darren Tucker: "Re: Restricting SSH file transfers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 20 Aug 2003 17:27:29 +0000 (UTC)

Hi!

Richard E. Silverman <res@qoxp.net> wrote:
> command="command"
> Specifies that the command is executed whenever this key is used
> for authentication. The command supplied by the user (if any) is
> ignored...

Actually, it's not fully ignored, as the original command is
supplied in $SSH_ORIGINAL_COMMAND, thus the forced command can act
differently depending on what was requested by the user.

Unfortunately, this is only documented in ssh(1), while the forced
command feature itself is documented in sshd(8) ...

Ciao

Thomas

-- 
Thomas Binder (Gryf @ IRCNet)  gryf+usenet@hrzpub.tu-darmstadt.de
PGP-key available on request!
Vote against SPAM:             http://www.politik-digital.de/spam/

• Next message: Brian Pence: "Re: Search a Windows SSH client with range limitation !"
• Previous message: Richard E. Silverman: "Re: Openssh 3.6.1p2 on AIX 5.2 Connection closed ..."
• In reply to: Richard E. Silverman: "Re: Restricting SSH file transfers"
• Next in thread: Darren Tucker: "Re: Restricting SSH file transfers"
• Reply: Darren Tucker: "Re: Restricting SSH file transfers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [PATCH] ide-cd: fix some codestyle and most of the checkpatch.pl issues ... Generic packet command support and error handling routines. ... -/* Returns 0 if the request should be continued. ... HANDLER is the routine ... (Linux-Kernel) [PATCH 32/32] ide-tape: cleanup the remaining codestyle issues ... * After each failed packet command we issue a request sense command and retry ... * The following parameter is used to select the point in the internal tape fifo ... int merge_stage_sz; ... (Linux-Kernel) RE: EvtWmiInstanceExecuteMethod OutBufferSize problem ... Dim InstanceCount ... Description("Network Function for this IPMI request.") ... Description("IPMI request command"): amended ... "Command response could not be provided", ... (microsoft.public.development.device.drivers) EvtWmiInstanceExecuteMethod OutBufferSize problem ... Dim InstanceCount ... Description("Network Function for this IPMI request.") ... Description("IPMI request command"): amended ... "Command response could not be provided", ... (microsoft.public.development.device.drivers) Re: project BIG AppleCrate ... request page "123.123.123.123/NADAOPEN FILE ... webserver gets command, recognizes it as being for NadaNet. ... It sends the command over a serial connection to the Master ... the webpage used to control this internet enabled NadaNet could ... (comp.sys.apple2)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint