patch to send incoming key to AuthorizedKeysCommand via stdin

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Mar 21 07:17:46 EST 2014


On 03/20/2014 03:58 PM, Scott Duckworth wrote:
> I have created a patch for openssh which modifies the AuthorizedKeysCommand
> directive so that the incoming user's public key is sent to the specified
> program via stdin.  This provides a means to identify the connecting user
> based solely on their public key and not just by the username.

This sounds like a good approach to me; you're not the first person to
consider this, but i like the semantics of your proposal better than
other proposals i've seen.  Could you provide the patch against the
mainline as an attachment to:

https://bugzilla.mindrot.org/show_bug.cgi?id=2081

with a brief comment about how what you've done is different from what's
there already?

> The patches for different openssh versions can be found at
> https://bitbucket.org/ClemsonSoCUnix/django-sshkey.  The README.md file
> describes some caveats, including the possibility for deadlock if the
> command specified with AuthorizedKeysCommand does not fully consume or
> close its standard input.

This is worrisome.  sshd itself shouldn't be adversely affected by
subcommand failing to process the data in any way.  Do you see any way
to make sshd more robust in this case?  (e.g. what if the key was
provided as another command line parameter instead of stdin)

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140320/a049ae8f/attachment.bin>


More information about the openssh-unix-dev mailing list