Nico Kadel-Garcia ha scritto:
> Have you successfully used this?

Oh, yes! I run for years sshd2 from SSH Communication on several
servers, including one used for a commercial web hosting service.

> There are plenty of procedures, such as rsync over SSH based backup
> procedures and Subversion access, that do require unattended access.
> It's the sort of thing that makes me wish that chroot cages had been
> properly implemented for OpenSSH 5. (All chroot users having the same,
> shared chroot cage is fairly nutty: the paches to support per-user
> chroot cages have been around for years, and I'm confused why those
> weren't used.)

Tectia offers specific sub configuration on per-user or per-host basis.
So, you can allow a batch user to access only with key (or only with
password) enforcing other restriction.