AuthorizedKeysCommand idea

Michael W. Lucas mwlucas at
Fri Jun 21 10:19:18 EST 2013

On Wed, Jun 19, 2013 at 02:35:03PM -0400, Phil Pennock wrote:
> This works, and has worked, for years, minimizes complexity at login
> time, makes audit easy and generally is something I've seen used, or
> have set up, in many places for at least a decade (with patches to
> pre-openssh sshd, originally).

Well, yes, that's easier still. Never mind.

It seems the best use for AuthorizedKeysCommand is to get keys from a
location outside the local machine.


Michael W. Lucas  -  mwlucas at, Twitter @mwlauthor,
Absolute OpenBSD 2/e -
coupon code "ILUVMICHAEL" gets you 30% off & helps me.

More information about the openssh-unix-dev mailing list