3 files changed, 16 insertions, 0 deletions
diff --git a/src/openssh/AnonymousForceCommand b/src/openssh/AnonymousForceCommand
new file mode 100644
index 0000000..cc69ce3
--- /dev/null
+++ b/src/openssh/AnonymousForceCommand
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec socat stdio /run/fossil-user.S
diff --git a/src/openssh/AuthorizedKeysCommand b/src/openssh/AuthorizedKeysCommand
new file mode 100644
index 0000000..de0732a
--- /dev/null
+++ b/src/openssh/AuthorizedKeysCommand
@@ -0,0 +1,11 @@
+#!/bin/sh
+username=$1
+shift
+[ "$username" ]
+cmd=/etc/ssh/user-$username.AnonymousForceCommand
+[ -x "$cmd" ] || exit
+key=$1
+shift
+printf 'restrict,pty,command="%s" %s\n' "$cmd" "$key"
diff --git a/src/openssh/fossil-user.conf b/src/openssh/fossil-user.conf
new file mode 100644
index 0000000..86387e7
--- /dev/null
+++ b/src/openssh/fossil-user.conf
@@ -0,0 +1,3 @@
+ExposeAuthInfo=yes
+AuthorizedKeysCommandUser=root
+AuthorizedKeysCommand=/etc/ssh/AuthorizedKeysCommand "%u" "%t %k"

diff --git a/src/openssh/AnonymousForceCommand b/src/openssh/AnonymousForceCommand new file mode 100644 index 0000000..cc69ce3 --- /dev/null +++ b/src/openssh/AnonymousForceCommand
@@ -0,0 +1,2 @@
	1	#!/bin/sh
	2	exec socat stdio /run/fossil-user.S


diff --git a/src/openssh/AuthorizedKeysCommand b/src/openssh/AuthorizedKeysCommand new file mode 100644 index 0000000..de0732a --- /dev/null +++ b/src/openssh/AuthorizedKeysCommand
@@ -0,0 +1,11 @@
	1	#!/bin/sh
	2	username=$1
	3	shift
	4
	5	[ "$username" ]
	6	cmd=/etc/ssh/user-$username.AnonymousForceCommand
	7	[ -x "$cmd" ] \|\| exit
	8
	9	key=$1
	10	shift
	11	printf 'restrict,pty,command="%s" %s\n' "$cmd" "$key"


diff --git a/src/openssh/fossil-user.conf b/src/openssh/fossil-user.conf new file mode 100644 index 0000000..86387e7 --- /dev/null +++ b/src/openssh/fossil-user.conf
@@ -0,0 +1,3 @@
	1	ExposeAuthInfo=yes
	2	AuthorizedKeysCommandUser=root
	3	AuthorizedKeysCommand=/etc/ssh/AuthorizedKeysCommand "%u" "%t %k"