diff options
| author | Andrew Cady <d@cryptonomic.net> | 2021-10-24 06:15:10 -0400 |
|---|---|---|
| committer | Andrew Cady <d@cryptonomic.net> | 2021-10-24 06:18:45 -0400 |
| commit | 5e1f460dd3bf6288893ae61429a94dd90d19cdfb (patch) | |
| tree | c0811cf81cbdcad19d0f7bd84b26350ad3835310 /EndoForge/openssh/AuthorizedKeysCommand | |
| parent | 187db8e649641aa64dc49c29ea6bbeba1f7cabf7 (diff) | |
Removing run-sshd script
I realized that if you are running `sshd` as a user, then you can just
use `ForceCommand=` directly in the `sshd_config`.
This eliminates the need for fakeroot. And that simplifies the setup
enough so that the `openssh/` directory can go away.
Diffstat (limited to 'EndoForge/openssh/AuthorizedKeysCommand')
| -rwxr-xr-x | EndoForge/openssh/AuthorizedKeysCommand | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/EndoForge/openssh/AuthorizedKeysCommand b/EndoForge/openssh/AuthorizedKeysCommand deleted file mode 100755 index 0e6d285..0000000 --- a/EndoForge/openssh/AuthorizedKeysCommand +++ /dev/null | |||
| @@ -1,21 +0,0 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | # Modified AuthorizedKeysCommand for running OpenSSH as unprivileged user. | ||
| 3 | # | ||
| 4 | # Uses the home directory of the calling user (ascertained through "id -un") | ||
| 5 | # instead of the authenticated user. | ||
| 6 | |||
| 7 | fingerprint=$3 | ||
| 8 | authline="$4 $5" | ||
| 9 | |||
| 10 | username=$(id -un) | ||
| 11 | userhome=$(getent passwd $(id -un) | (IFS=: read _ _ _ _ _ home _ && echo "$home")) | ||
| 12 | |||
| 13 | case "$userhome" in | ||
| 14 | '' | *"'"* ) exit ;; | ||
| 15 | esac | ||
| 16 | |||
| 17 | usercommand=$userhome/.ssh/AnonymousAccessCommand | ||
| 18 | |||
| 19 | [ -x "$usercommand" ] || exit | ||
| 20 | |||
| 21 | printf 'command="%s",no-port-forwarding %s\n' "$usercommand $fingerprint" "$authline" | ||