Re: sshd’s ForceCommand and ssh’s "–N Do not execute a remote command"

[Oleg Verych]

>> 1) "$SSH_ORIGINAL_COMMAND"
>> 2) `ssh -N`
>> It just runs 'ForceCommand' with stdio <>/dev/null until connection alive...
>
> the protocol doesn't work that way

The only thing left is to force user to do or to do not something.

A crutch: Reject all services (port forwarding), if 'ForceCommand' is
set and user has `ssh -N`.

_______