[Bug 1172] [PATCH] Restrict public key authentication to scp access only

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Mar 9 08:33:00 EST 2006


http://bugzilla.mindrot.org/show_bug.cgi?id=1172





------- Comment #2 from tomwilliams14 at comcast.net  2006-03-09 08:32 -------
An alternative to the above hack might be to recognize a new option, e.g.,
"scp-only" and change auth_parse_options() to recognize this option and set a
global variable similar to what happens with, say, "no-port-forwarding".  Then
change the patch to check for this global variable and act accordingly if it is
set instead of abusing the command= option with "magic values".  Then to get
the "only scp with this key" behavior you could insert "scp-only" at the
beginning of the key instead of command="scp-only". I'd be happy to provide
this patch if it has a better chance of acceptance.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list