[Bug 2081] extend the parameters to the AuthorizedKeysCommand

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Mar 25 01:29:51 EST 2014


https://bugzilla.mindrot.org/show_bug.cgi?id=2081

Scott Duckworth <sduckwo at clemson.edu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sduckwo at clemson.edu

--- Comment #5 from Scott Duckworth <sduckwo at clemson.edu> ---
Created attachment 2416
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2416&action=edit
Patch adding environment variables to pass key and fingerprint to
AuthorizedKeysCommand

Per the discussion about this on the developer's mailing list
(http://lists.mindrot.org/pipermail/openssh-unix-dev/2014-March/032341.html),
here is an alternate to the already proposed patch that sends the key
and key fingerprint to AuthorizedKeysCommand via environment variables.

This maintains compatibility with existing programs being used in
AuthorizedKeysCommand which require exactly one command line parameter
(the username).  Additionally, this only modifies the child process
which is forked off to exec the AuthorizedKeysCommand, so there is no
risk of introducing a memory leak in sshd.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list