[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Restrict usage of ssh-keypair
On Mon, Jun 30, 2003 at 03:23:54PM +0200, Michael 'bukhem' Scherer wrote:
> On Mon, 30 Jun 2003, Vladimir Dvorak wrote:
> >See man 8 sshd. I thing that the best choice would be the parameter
> >no-pty in authorized_keys file. It will disallow to set up the terminal
> Too easy but that did the job.
I think it really is _too_ easy.
if you don't have a tty, you won't get the bash prompt.
but that is about all there is to it.
you still can do what ever bash can do. sorry.
you have to be much more restrictive in the authorized_keys file,
possibly forcing certain commands.
which could parse $SSH_ORIGINAL_COMMAND for additional info ...
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here