diff options
author | Gordon GECOS <u@adam> | 2023-06-02 18:20:15 -0400 |
---|---|---|
committer | Gordon GECOS <u@adam> | 2023-06-02 18:21:18 -0400 |
commit | 6c5b2b2f7c6ea156d5f71fa814d51c85466501d0 (patch) | |
tree | 52e960afb6d73a617add2ea651dcc3f80292e55d /src/openssh | |
parent | 3e796eebdc1dd3ab96641bb147e4810d2fc41be5 (diff) |
Diffstat (limited to 'src/openssh')
-rw-r--r-- | src/openssh/AnonymousForceCommand | 2 | ||||
-rw-r--r-- | src/openssh/AuthorizedKeysCommand | 11 | ||||
-rw-r--r-- | src/openssh/fossil-user.conf | 3 |
3 files changed, 16 insertions, 0 deletions
diff --git a/src/openssh/AnonymousForceCommand b/src/openssh/AnonymousForceCommand new file mode 100644 index 0000000..cc69ce3 --- /dev/null +++ b/src/openssh/AnonymousForceCommand | |||
@@ -0,0 +1,2 @@ | |||
1 | #!/bin/sh | ||
2 | exec socat stdio /run/fossil-user.S | ||
diff --git a/src/openssh/AuthorizedKeysCommand b/src/openssh/AuthorizedKeysCommand new file mode 100644 index 0000000..de0732a --- /dev/null +++ b/src/openssh/AuthorizedKeysCommand | |||
@@ -0,0 +1,11 @@ | |||
1 | #!/bin/sh | ||
2 | username=$1 | ||
3 | shift | ||
4 | |||
5 | [ "$username" ] | ||
6 | cmd=/etc/ssh/user-$username.AnonymousForceCommand | ||
7 | [ -x "$cmd" ] || exit | ||
8 | |||
9 | key=$1 | ||
10 | shift | ||
11 | printf 'restrict,pty,command="%s" %s\n' "$cmd" "$key" | ||
diff --git a/src/openssh/fossil-user.conf b/src/openssh/fossil-user.conf new file mode 100644 index 0000000..86387e7 --- /dev/null +++ b/src/openssh/fossil-user.conf | |||
@@ -0,0 +1,3 @@ | |||
1 | ExposeAuthInfo=yes | ||
2 | AuthorizedKeysCommandUser=root | ||
3 | AuthorizedKeysCommand=/etc/ssh/AuthorizedKeysCommand "%u" "%t %k" | ||