Displaying 9 results from an estimated 9 matches for "forcedcommand".
Did you mean:
forcecommand
2015 Nov 26
2
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
Hi Peter,
What I am looking for is an SSHD configuration where every successfully
authenticated connection also guaranteedly will lead to a ForcedCommand
invocation.
Currently I understand this to be the case only for the connections that
open channel to deliver a terminal, command or SFTP (I don't know if you
have a collective name for such non-forwarding channels).
Is this possible?
Do you feel that it is a relevant feature?
Thanks,
T...
2011 Jun 10
4
[Bug 1914] New: ssh-add: add an option to cryptographically verify if agent can access the matching private key of a given public key
..." the agent as checking the output of "ssh-add
-L" would do.
Use case:
For remote access, the user log in from home. First a one-time-password
is used to authenticate the user via PAM. Then we want to check if the
user has his key loaded into the ssh-agent. Currently we do this by a
ForcedCommand which opens another ssh session, where the key is used
for authentication. We would like to do that test directly in the
ForcedCommand script.
The patch is based on 5.8p2 and implements that feature for ssh1 and
ssh2, contains regression tests and updates the man page.
--
Configure bugmail: http...
2018 Jan 04
2
SFTP chroot: Writable root
(this is the third try. In the previous mails the body was empty)
Hi,
I set up a chroot sftp server by following this guide:
https://wiki.archlinux.org/index.php/SFTP_chroot
Things work well, with one exception:
The root directory is not writable.
The above docs give a hint how to work around this.
But this is just a work-around.
In my context I need a writable (ch)root directory.
2014 Sep 24
5
[Bug 2281] New: sshd accepts empty arguments in ForceCommand and VersionAddendum
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
Bug ID: 2281
Summary: sshd accepts empty arguments in ForceCommand and
VersionAddendum
Product: Portable OpenSSH
Version: 6.6p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
2008 Mar 24
1
ForceCommand and NFS-shared home directories
> > On Mar 22, 2008, at 3:32 PM, Chris Wilson wrote:
> >
> >> As I understand the "ForceCommand" in the sshd_confing file is meant to
> >> ignore any command supplied by the client, but if user's home is shared
> >> by server and client machines over network (ex. NFS) then user can
> >> still put something else into ~/.ssh/rc file and
2015 Nov 26
2
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
On 2015-11-26 13:03, Darren Tucker wrote:
> On Thu, Nov 26, 2015 at 3:41 PM, Tinker <tinkr at openmailbox.org> wrote:
>> What I am looking for is an SSHD configuration where every
>> successfully
>> authenticated connection also guaranteedly will lead to a
>> ForcedCommand
>> invocation.
> [...]
>> Is this possible?
>
> I don't think it's possible. Or at least, not in any reasonable way.
>
> The SSH (v2) protocol can have zero or more channels multiplexed over
> it, and after the connection has been established (and authentica...
2007 May 16
2
Disabling ForceCommand in a Match block
Hello,
I am trying to force a command for all users *except* for users in the
"wheel" group. My idea was to do the following in sshd_config:
ForceCommand /usr/bin/validate-ssh-command
Match Group wheel
ForceCommand
But obviously this doesn't work, because ForceCommand requires an
argument. I couldn't find a way to achieve what I want.
I wrote a patch that adds a
2015 Nov 25
6
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
Hi!
I tried with all available options to disable forwarding-only
connections, by:
"AllowAgentForwarding no
AllowTcpForwarding no"
This had no effect, so what I got in effect was dummy connections.
I would like to disable this "class" of connections altogether. The
outcome will be that all authenticated connections will lead to a
command, be it /usr/libexec/sftp-server
2017 Feb 11
12
[Bug 12576] New: popt aliases allow users to bypass sudo argument restrictions
https://bugzilla.samba.org/show_bug.cgi?id=12576
Bug ID: 12576
Summary: popt aliases allow users to bypass sudo argument
restrictions
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
Assignee: