HostKey Management
Matthew N. Dodd
matthew.nygard.dodd at gmail.com
Fri Jan 18 11:04:26 EST 2013
On 1/17/13 5:57 PM, Mike Kelly wrote:
> But, as someone mentioned (maybe just off-list), this still has some
> shortcomings compared to public keys. The biggest is that, as I have
> gathered so far, you can't tie a forced command to the credentials. I
> guess that the closest workaround would be to have a specific user that
> is used to log in for these specific tasks, which could have a
> ForceCommand in a Match User block in sshd_config (maybe in combination
> with, say, sudo so that things that maybe need to be run as some other
> user instead can be?).
https://bugzilla.mindrot.org/show_bug.cgi?id=1927
Bug 1927 - authorized_credentials (aka authorized_keys for GSSAPI-MIC)
I'll spend some time updating it if there is any interest.
More information about the openssh-unix-dev
mailing list