Re: Tunnel-only SSH keys

看板FB_security作者時間20年前 (2005/09/23 00:11), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串2/6 (看更多)
Hi, > I once read somewhere that it's possible to limit SSH pubkeys to > 'tunnel-only'. I can't seem to find any information about this > in any of the usual places. > > I'm going to be deploying a few servers in a couple of days and > I'd like them to log to a central server over an SSH tunnel (using > syslog-ng) however I'd like to prevent actual logins (hence > 'tunnel-only'). > > Can this be done with OpenSSH? I'd like to try and stay away from > the complexities of a chrooted-stunnel for now... I think you can use /bin/false as shell, and then use ``ssh -nN'' from the client. I've not tested this, but I guess this should work. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 jeremie. 的文章
文章代碼(AID): #13CjUm00 (FB_security)
更多 jeremie. 的文章
文章代碼(AID): #13CjUm00 (FB_security)