Re: OpenSSH environment passing

From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 11/24/05 

Date: 24 Nov 2005 12:44:35 GMT

On 2005-11-24, simon_l_evans@yahoo.co.uk <simon_l_evans@yahoo.co.uk> wrote:
> Yeah, I read the man page strangely enough. The problem was in the
> order of the values in the authorized_keys file...
>
> Did have:
> from, ssh-rsa <key>, environment, comment
> also tried
> from, environment, ssh-rsa <key>, comment

There should be no space between the from and the environment. I suspect
this one didn't let you authenticate at all.

> then
> environment, ssh-rsa <key>, from, comment
> and this last one worked.

But the "from" restrictions won't since it's now part of the comment.
That ought to be:
environment="[foo]",from="[bar]" ssh-rsa <key> comment

> Hmmmm. Didn't see that in any docs.

It's cleverly hidden in sshd(8) under "AUTHORIZED_KEYS FILE FORMAT"
[...]
     Each line of the file contains one key (empty lines and lines starting
     with a '#' are ignored as comments). Each RSA public key consists of
     the following fields, separated by spaces: options, bits, exponent, mod-
     ulus, comment. Each protocol version 2 public key consists of: options,
     keytype, base64 encoded key, comment. The options field is optional;
[...]

There's some examples too... 

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Relevant Pages