Hi, does there exist a functionality in the current code, which allows the setting of an environment variable at the server side that represents the original user id at the ssh client side. The intention for that is, that i will know who the real user at the ssh client side is, if the user sets the option "-l <user>" in the ssh command. In the current code, I found only the options.user structure, which contains the username for the new session, but there is no parameter for transferring the original user name if the -l option is used. I need the original UID for an auditing mechanism at the server side. Example: user1 at host1>ssh host2 -l user2 : host2 does't know, that user1 has made the ssh connection from host1 Roland
Roland wrote:> Hi, > > does there exist a functionality in the current code, which allows the > setting of an environment variable at the server side that represents > the original user id at the ssh client side.No, the server side would have to trust the client to not lie about the uid anyway. If you are happy with this trust, then you could probably cook something up with the existing environment passing support (see SendEnv and AcceptEnv in client and server config manpages) -d
Maybe Matching Threads
- "Virtual hosts" for ssh
- [Bug 1837] New: scp fails key auth/connection on second host when two remote paths are specified
- [Bug 1346] New: PAM environment takes precedence over SendEnv
- [Bug 2210] New: scp -q isn't quiet when copying between two remote hosts
- Sending PATH using SendEnv