similar to: Disabling remote commands, provide shell only

Hello List, I'am using the ForceCommand in my sshd configuration to log all the user actions on my device. ForceCommand /usr/bin/log-session.sh The Log Session Script itself is working fine for logging. But now I want also use SCP to copy files and this won't work together with the ForceCommand above. The copied file is created but its zero byte on the target. scp file.tar.gz

Hi, I would like to request password protection in syslinux. I know that it has come up a few times on the mailing list (google for "site:www.zytor.com syslinux password"), and on http://www.zytor.com/pipermail/syslinux/2002-May/000421.html you say interesting things about COMBOOT images. So I was wondering if I could bring that feature request to your attention again :) grub has it,

On 12.11.23 03:52, Damien Miller wrote: > On Sat, 11 Nov 2023, Bob Proulx wrote: > >> I am supporting a site that allows members to upload release files. I >> have inherited this site which was previously existing. The goal is >> to allow members to file transfer to and from their project area for >> release distribution but not to allow general shell access and not

On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and not to > allow access to other parts of the system. > >

Hi everyone. I'm looking for a way to identify my SSH's users according to their public key; I mean I would like to have their name logged in my bash session (in a shared unix account). I put this in my .profile: export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S - $SSH_USER] " So now I'm trying to make OpenSSH fill the "SSH_USER" variable. First I have to exclude the

Hi, We're developing an open source project that uses SSH certificates. We issue short lived certificates (few minutes) to execute commands on behalf of users. We have a use case where we need to issue certificates with 10 days validity and store them, so we put a command inside them: ssh-keygen -s ca-key -I certN -n user -O force-command="wget something" -V +10d user-key.pub and

Folks, I'm curious if the documented behavior of portable OpenSSH (specifically Linux) may be at odds with the actual behavior I have seen in my experiments. Here is the background: I manage an application which collects data from a client script (Korn shell) which runs on Unix and Linux servers across the entire enterprise. The client communicates with a Linux server (currently running RHEL

This is a new branch of an old thread, made necessary because the email system here purges sent messages after a period of time so I can't reply to the last message in the thread. The operative portion of that last message (retrieved from the archives and dated July 3, 2023) follows: /*****/ So I set up a fresh key to use for this test, and gave it similar parameters. I wasn't aware of

Hi, I looked in the archives, but didn't see this asked for before: Would it be possible to have an "auto-compress" mode for ssh where compression is turned on automatically if it makes sense? You could turn it on if you don't care about cpu usage and lag, but just about the speed of transfer. The way I see it working is that when running uncompressed, ssh turns on

Hi there, I would like to have SSH connections be more "sudo-like". With that I mean, when I ssh/scp/sftp to a host and disconnect, the channel is held open for a while in case I reconnect. I wrote a script (attached) that does this. It starts a master SSH daemon for the connection if needed. Then it exec()s SSH. Just put it in your path and use perssh instead of ssh. It has some

http://bugzilla.mindrot.org/show_bug.cgi?id=1338 Summary: Idletimeout for both client and server Product: Portable OpenSSH Version: 4.6p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: wmertens at

Hi, This is sort of a strange issue. But I am experimenting with ways to have a user log in and be presented with a perl script to interact with. When I do either or both of the following: 1) set the user's shell to /usr/bin/myperlscript 2) specify ForceCommand /usr/bin/myperlscript, applied to my user ...I get strange behavior when a command is appended to the client connect

Hi, I'm trying to use pxelinux to start Linux and optionally other things, maintained by windows folks. They use the Intel pxe boot loader, bstrap.0, and when I load it with a "kernel bstrap.0" statement, it fails. The reason it fails is because it can't find the !PXE data area. I guess it doesn't get the correct pointer or something along those lines. Do you think it

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello to every one! Maybe this is not exactly the right place, but I don't know where to ask, so... I have a FreeBSD-6-STABLE machine, setuped with custom nss lib which reads from pgsql database. It seems to be working just fine except that I can't login trought ssh, when trying the normal method. When I do $>ssh host.com tcsh I get

Hello, I am trying to force a command for all users *except* for users in the "wheel" group. My idea was to do the following in sshd_config: ForceCommand /usr/bin/validate-ssh-command Match Group wheel ForceCommand But obviously this doesn't work, because ForceCommand requires an argument. I couldn't find a way to achieve what I want. I wrote a patch that adds a

Hi, I've posted this question on ServerFault, but no answer has been found (http://serverfault.com/questions/431329/user-cant-sftp-after-chroot). I have version 1:5.3p1-3ubuntu7 To sum up: I want to chroot the user sam. Things I have done: - add user 'sam' to group 'users' - added Subsystem sftp internal-sftp to /etc/ssh/sshd_config (at the bottom) - added a Match : -- Match

I am supporting a site that allows members to upload release files. I have inherited this site which was previously existing. The goal is to allow members to file transfer to and from their project area for release distribution but not to allow general shell access and not to allow access to other parts of the system. Currently rsync and old scp has been restricted using a restricted shell

Hi Using SSH_ORIGINAL_COMMAND in AuthorizedKeys is so helpful, I'd like to know if it might be possible to access it in the AuthorizedKeysCommand context (via env ?). Is this possible ? can anybody give me advice on going into this ? If possible, I'll use this SSH_ORIGINAL_COMMAND to send client specifics information to the AuthorizedKeysCommand script. Currently, the only alternative

https://bugzilla.mindrot.org/show_bug.cgi?id=2253 Bug ID: 2253 Summary: No "$@"-like SSH_ORIGINAL_COMMAND leads to escaping, arg-sep and metachar issues Product: Portable OpenSSH Version: 6.6p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5

On Wed, Jan 21, 2015 at 17:29:00 +0000, Alex Bligh wrote: > > On 21 Jan 2015, at 15:36, Jason Vas Dias <jason.vas.dias at gmail.com> wrote: > > > Please can OpenSSH provide some way of specifying which shell to use to > > execute commands on a host. > > Using dash as an example of another shell: > > ssh 127.0.0.1 -t dash > > and > >