Hi Larry et al,

--- Larry Becke wrote:
> It might be fun to play with it to see what you can
> and can't force via the command= override from the
> authorized_keys file.


I ran into an annoying side effect a while back when I
started packaging up these -i and command=
combinations... If you have a key agent running, the
key agent will get first dibs despite the specific key
listed in the -i. So you'll want to prepend your
initiating scp command with SSH_AUTH_SOCK= like so:

$ SSH_AUTH_SOCK= scp -i key file user@host:

I took things a bit further than you seem to have
done, and had my command= execute a shell script,
which would pick apart the passed SCP command
$SSH_ORIGINAL_COMMAND and instead used the passed
"target directory" argument as a parameter to perform
a lookup for specialized handling.

Cheers,
-Thomas


__________________________________________________ __________________________________
Never miss a thing. Make Yahoo your home page.
http://www.yahoo.com/r/hs
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev