blob: 7329eb07c5647d6b8940060818782315402c9670 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
ExposeAuthInfo=yes
AuthorizedKeysCommandUser=root
AuthorizedKeysCommand=/bin/sh -c '[ -x "$0" ] && echo "restrict,pty,command=\\"$0 $*\\" %t %k"' "%h/.ssh/AnonymousAccessCommand" "%f"
# This will break if a user's $HOME contains a double quote. Sorry not sorry.
# This simpler version works:
# AuthorizedKeysCommand=/bin/echo 'restrict,pty,command="%h/.ssh/AnonymousAccessCommand" %t %k'
#
# But that interferes with login failures on accounts that don't have that file.
#
# So a shell script is used that checks to make sure the file exists for the
# user before generating any auth line.
|
