AuthorizedKeysCommand support added
Philipp Marek
philipp.marek at linbit.com
Wed Oct 31 21:18:01 EST 2012
Hello Damien,
thank you for your answer!
> > Reading the patch I see that STDERR is redirected to /dev/null; that
> > might be interesting to know.
> > (Perhaps it would be better to allow some logfile, or even syslog, as
> > destination for that output?)
>
> I want to keep this code simple, and don't want to have to implement
> yet another select() loop to handle multiple fds from the helper's
> stderr and stdout. I don't think it unreasonable for them to do their own
> logging to syslog for errors.
Yes, of course. See my shell-script remark below.
> > Furthermore, how about setting alarm(60) or some similar timeout, and
> > perhaps a CPU limit in the child handler, so that it doesn't run
> > forever?
>
> The helper is subject to the global login grace timeout (sshd_config
> LoginGraceTime).
But I see no code that would kill the process then - only the authentication
would fail, right?
> > TBH, I can see the point that having a simple shell script inbetween -
> > that can do all of this, too.
>
> No - the shell environment is too complicated for something that can
> be triggered before authentication.
Sorry for being unclear, I meant setting CPU (and other) ulimits, STDERR
redirection and so on - these things can be done by a shell script.
(Even syslog, by using logger(1).)
Regards,
Phil
More information about the openssh-unix-dev
mailing list