Re: OpenSSH environment passing

simon_l_evans_at_yahoo.co.uk
Date: 11/24/05 

Date: 24 Nov 2005 03:57:16 -0800

Yeah, I read the man page strangely enough. The problem was in the
order of the values in the authorized_keys file...

Did have:
from, ssh-rsa <key>, environment, comment
also tried
from, environment, ssh-rsa <key>, comment

then
environment, ssh-rsa <key>, from, comment
and this last one worked. Hmmmm. Didn't see that in any docs.

Richard E. Silverman wrote:
> >>>>> "SLE" == simon l evans <simon_l_evans@yahoo.co.uk> writes:
>
> SLE> I am using OpenSSH_4.0p1, OpenSSL 0.9.7c 30 Sep 2003 on a Solaris
> SLE> machine. I have seen the use of the
> SLE> environment="LOGNAME=mylogon" in the authorized_keys file and
> SLE> have implemented this. But... I log in and authenticate fine
> SLE> against this key but cannot see where LOGNAME has been
> SLE> changed. In debug mode (server and client) shows LOGNAME as the
> SLE> original and not the overridden value. Not sure if I am
> SLE> understanding the process correctly? Any help appreciated.
>
> Perhaps:
>
> $ man sshd_config
> ...
> PermitUserEnvironment
> Specifies whether ~/.ssh/environment and environment= options in
> ~/.ssh/authorized_keys are processed by sshd. The default is
> ``no''. Enabling environment processing may enable users to
> bypass access restrictions in some configurations using mecha-
> nisms such as LD_PRELOAD.
> ...
>
> --
> Richard Silverman
> res@qoxp.net