ssh man page about 'tunnel' feature

Catalin Patulea cat at
Fri Mar 24 12:15:55 AEDT 2017


I was reading about the tunnel/VPN feature and found this section of
the ssh man page:

Client access may be more finely tuned via the
/root/.ssh/authorized_keys file (see below) and the PermitRootLogin
server option. The following entry would permit connections on tun(4)
device 1 from user "jane" and on tun device 2 from user "john", if
PermitRootLogin is set to "forced-commands-only":

tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john

Is that true? Can /root authorized_keys set keys for other users? I
can't find a reference to this in other man pages, or the source code.


More information about the openssh-unix-dev mailing list