diff options
| author | Andrew Cady <d@cryptonomic.net> | 2021-10-26 09:29:50 -0400 |
|---|---|---|
| committer | Andrew Cady <d@cryptonomic.net> | 2021-10-26 09:29:55 -0400 |
| commit | 099d70f87208afc6bc0baf098c266c0d705f2453 (patch) | |
| tree | c920faf0df43a51d882ab7e31873535b998924de /OpenSSH_Anonymous_Access/anonymous-access.conf | |
| parent | d702643534828f72036d19f75c57ca48a4edc07b (diff) | |
split OpenSSH_Anonymous_Access from EndoForge
EndoForge now installs OpenSSH_Anonymous_Access as a dependency.
Diffstat (limited to 'OpenSSH_Anonymous_Access/anonymous-access.conf')
| -rw-r--r-- | OpenSSH_Anonymous_Access/anonymous-access.conf | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/OpenSSH_Anonymous_Access/anonymous-access.conf b/OpenSSH_Anonymous_Access/anonymous-access.conf new file mode 100644 index 0000000..7329eb0 --- /dev/null +++ b/OpenSSH_Anonymous_Access/anonymous-access.conf | |||
| @@ -0,0 +1,13 @@ | |||
| 1 | ExposeAuthInfo=yes | ||
| 2 | AuthorizedKeysCommandUser=root | ||
| 3 | AuthorizedKeysCommand=/bin/sh -c '[ -x "$0" ] && echo "restrict,pty,command=\\"$0 $*\\" %t %k"' "%h/.ssh/AnonymousAccessCommand" "%f" | ||
| 4 | # This will break if a user's $HOME contains a double quote. Sorry not sorry. | ||
| 5 | |||
| 6 | # This simpler version works: | ||
| 7 | # AuthorizedKeysCommand=/bin/echo 'restrict,pty,command="%h/.ssh/AnonymousAccessCommand" %t %k' | ||
| 8 | # | ||
| 9 | # But that interferes with login failures on accounts that don't have that file. | ||
| 10 | # | ||
| 11 | # So a shell script is used that checks to make sure the file exists for the | ||
| 12 | # user before generating any auth line. | ||
| 13 | |||