[Bug 1172] [PATCH] Restrict public key authentication to scp access only
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Mar 9 08:33:00 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=1172
------- Comment #2 from tomwilliams14 at comcast.net 2006-03-09 08:32 -------
An alternative to the above hack might be to recognize a new option, e.g.,
"scp-only" and change auth_parse_options() to recognize this option and set a
global variable similar to what happens with, say, "no-port-forwarding". Then
change the patch to check for this global variable and act accordingly if it is
set instead of abusing the command= option with "magic values". Then to get
the "only scp with this key" behavior you could insert "scp-only" at the
beginning of the key instead of command="scp-only". I'd be happy to provide
this patch if it has a better chance of acceptance.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list