blob: 0e6d28555415b71a5a2f25f70476ba10625fa192 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
#!/bin/sh
# Modified AuthorizedKeysCommand for running OpenSSH as unprivileged user.
#
# Uses the home directory of the calling user (ascertained through "id -un")
# instead of the authenticated user.
fingerprint=$3
authline="$4 $5"
username=$(id -un)
userhome=$(getent passwd $(id -un) | (IFS=: read _ _ _ _ _ home _ && echo "$home"))
case "$userhome" in
'' | *"'"* ) exit ;;
esac
usercommand=$userhome/.ssh/AnonymousAccessCommand
[ -x "$usercommand" ] || exit
printf 'command="%s",no-port-forwarding %s\n' "$usercommand $fingerprint" "$authline"
|