Re: authorized_keys and command=
From: Per Hedeland (per_at_hedeland.org)
Date: 06/19/04
- Next message: Pekka Niiranen: "Re: OpenSSH with RSA auth on XP (Cygwin) Problem"
- Previous message: David Magda: "authorized_keys and command="
- In reply to: David Magda: "authorized_keys and command="
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 19 Jun 2004 12:11:42 +0000 (UTC)
In article <86acz0oawl.fsf@number6.magda.ca> David Magda
<dmagda+trace040423@ee.ryerson.ca> writes:
>
>To increase security a bit I have a special user ("vpn") setup on A
>that allows public-key logins, but has a disabled password. To keep
>the connection going, I have the vmstat(8) command running (to
>minimize issues with connections timing out).
>
>My A:~vpn/.ssh/authorized_keys looks like this:
>
>command="vmstat 3 > /dev/null" ssh-dss AAAAB3Nzaakdghkas ... Vw== user@B
Hm, I don't see how a command that has its output redirected to
/dev/null helps with "keep the connection going", anymore than (e.g.)
sleep 999999999 or the -N option of ssh (OpenSSH).
>When I kill the login on B (with a ^C), the vmstat is still running
>on A. However, if I get rid of the redirection to /dev/null and ^C
>the connection then the vmstat dies.
>
>How is the /dev/null redirection changing the behaviour of the shell
>on A?
The vmstat isn't killed "directly" by the ^C in either case - that just
kills your local ssh process => the connection is closed. When the non-
/dev/null'ed vmstat tries to write to the now closed connection, it gets
SIGPIPE/EPIPE and dies.
--Per Hedeland
per@hedeland.org
- Next message: Pekka Niiranen: "Re: OpenSSH with RSA auth on XP (Cygwin) Problem"
- Previous message: David Magda: "authorized_keys and command="
- In reply to: David Magda: "authorized_keys and command="
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
