Displaying 1 result from an estimated 1 matches for "ssh_allowed_euid".
Did you mean:
ssh_allowed_euids
2013 Apr 01
1
ssh-agent allowing access to other users?
...would seem most
reasonable to permit?
Some example interface choices:
A) ssh-agent could take a new -g option indicating the name of a unix
group; if a peer's euid is a member of that group (based on the same
logic used by sshd's AllowGroups option) then access would be granted.
B) the SSH_ALLOWED_EUIDS environment variable for the ssh-agent process
could be read as a whitespace-separated list of acceptable numeric uids
to allow connections from?
C) some other configuration interface/authorization interface? I'm
open to suggestions...
I'd be happy to write up a patch for A or B if fol...