Re: Single purpose keys for scp
From: Claire (perdita_at_mcc.ac.uk)
Date: 10/07/03
- Next message: Claire: "Win32 SCP problems"
- Previous message: Nico Kadel-Garcia: "Re: host key not verifiable in remote: 'Corrupt or nonexistent host key or algorithm. '"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 7 Oct 2003 14:02:45 +0000 (UTC)
"Craig Robinson" <craig.robinson@epa.qld.gov.au> writes:
>Folks,
>I have successfully been using "single purpose" keys to do some basic remote
>commands over ssh. To create a single purpose key, I have been pre-pending
>the following text (as an example) to the beginning of a public key in the
>authorized_keys2:
>
>command="df -k",no-port-forwarding,no-X11-forwarding,no-agent-forwarding
>ssh-dss AA....... etc.
>
>This enables only the running of the "df -k" command remotely (and only the
>df -k command).
>
>This works fine when you want to run a command on a remote machine. But what
>command can you use, if you want to scp FROM your local machine TO a remote
>machine (ie. the scp command needs to be run from the local machine), and
>that is all you want to allow to be done. I can't quite get my head around
>it and would greatly appreciate any clues.
http://www.snailbook.com/faq/restricted-scp.auto.html
Claire
-- Still prettiest by far.
- Next message: Claire: "Win32 SCP problems"
- Previous message: Nico Kadel-Garcia: "Re: host key not verifiable in remote: 'Corrupt or nonexistent host key or algorithm. '"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
