authorized_keys options for remote forwarding

Damien Miller djm at mindrot.org
Sun Sep 7 09:32:15 EST 2003


On Sat, 2003-09-06 at 02:29, Dan Kaminsky wrote:
> >
> >
> >command="/usr/bin/cat",no-X11-forwarding,no-agent-forwarding,\
> >permitopen="ip1:port1",permitopen="ip2:port2" ssh-rsa AAAA...
> >  
> >
> Doesn't this allow any file on the system to be read, or written to for 
> that matter?

No, arguments are not passed to forced commands. Once could also use
/bin/true and connect with "ssh -N -Lxxx".

-d





More information about the openssh-unix-dev mailing list