/[cricket]/ssh_howto.txt
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Contents of /ssh_howto.txt

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.4 - (show annotations)
Mon Dec 9 15:08:03 2002 UTC (21 years, 3 months ago) by dpavlin
Branch: MAIN
CVS Tags: HEAD
Changes since 1.3: +1 -1 lines
File MIME type: text/plain
fix typo

1 How to setup remote, non-interactive, log-on with multiple command for
2 same remote user-name?
3
4
5 For the rest of this document, destination host will be called 'loophole', and
6 user which will run all sort of our evil stuff on loophole will be called
7 'mole'.
8
9 Do this as a Cricket user:
10
11 $ ssh-keygen -t dsa -f ~/.ssh/uptime
12
13 Append ~/.ssh/uptime.pub on destination host to ~mole/.ssh/authorized_keys2
14 and prepend following before ssh-dss:
15
16 command="uptime"
17
18 So, that line in ~mole/.ssh/authorized_keys2 looks like:
19
20 command="uptime" ssh-dss AAA...lSEV04= cricket@boo.boo
21
22 test if it works...
23
24 $ ssh -i ~/.ssh/uptime -q -l mole loophole
25 15:42:10 up 42 days, 18:25, 6 users, load average: 0.00, 0.00, 0.00
26
27 It does? Oh, good. You now know how to setup individual keys for each
28 command that you want to execute. Keep in mind that user mole must have
29 permissions on loophole to execute that particular command, but other
30 than that, you are winner!
31
32 If you get one more line before uptime output, try adding -T option
33 to ssh. This will prevent pseudo tty allocation and (hopefully) remove
34 that output.
35
36 If you are stuck with ssh v1 protocol, you have to use rsa1 instead of
37 dsa for ssh-keygen and authorized_keys instead of authorized_keys2.
38
39 But, think about upgrading.

  ViewVC Help
Powered by ViewVC 1.1.26