On Tue, Dec 12, 2017 at 10:35 AM, Dan Becker <d.b.bec...@gmail.com> wrote:

> On Mon, Dec 11, 2017 at 7:13 PM, Paulm <pa...@tetrardus.net> wrote:
>
>
> My main concern comes from the fact this process is being run as root and
> injecting the username as an arg "$1"
>
> Example :
>
> What happens if someone runs ssh '"&rm -rf /'@host, is there sanitization
> in the ssh daemon?
>
>
> --
> --Dan
>

The AuthorizedKeysCommand option is supposed to be used in conjunction
with another option setting that determines the user that will call the
script.
This user should not be root.

The current version uses AuthorizedKeysCommandUser and the man page
states that it is recommended to use a dedicated user that has no other role
on the host than running the authorized keys commands.

The Red Hat Enterprise Linux 6 man page for sshd_config uses this other
option instead: AuthorizedKeysCommandRunAs. This is like the above,
except if it is left empty, it is implied that the command gets run as the
user logging into the system.

Hope this helps.
Stefan
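
Added example, not part of the thread or of any poster's script: a sketch of an AuthorizedKeysCommand helper that treats the username in "$1" as untrusted data, checks it against an allow-list, only ever uses it quoted, and refuses to run as root. The key directory, the per-user key file layout, the 32-character limit and all function names are assumptions for illustration.

```shell
#!/bin/sh
# Hypothetical AuthorizedKeysCommand helper (added example).
# Assumption: one key file per user under KEY_DIR, named after the user.
LC_ALL=C; export LC_ALL                 # make [A-Z] ranges byte-exact
KEY_DIR="${KEY_DIR:-/etc/ssh/authorized_keys.d}"

# Return 0 only for names built from a conservative allow-list.
valid_username() {
    case "$1" in
        ''|-*|.*) return 1 ;;           # empty, option-like, or dot-leading
        *[!A-Za-z0-9._-]*) return 1 ;;  # quotes, &, spaces, slashes, ...
    esac
    [ "${#1}" -le 32 ]                  # assumed length limit
}

# Print the keys for a user; print nothing and fail on anything unexpected.
lookup_keys() {
    valid_username "$1" || return 1
    keyfile="$KEY_DIR/$1"               # always quoted, never eval'd
    [ -f "$keyfile" ] && [ ! -L "$keyfile" ] || return 1
    cat -- "$keyfile"
}

main() {
    # Matches the advice above: the command should run as a dedicated,
    # unprivileged account, so bail out if sshd was configured otherwise.
    if [ "$(id -u)" -eq 0 ]; then
        echo "refusing to run as root" >&2
        return 1
    fi
    lookup_keys "$1"
}

# Run only when sshd (or a user) passes the username argument.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

A name that fails the check produces no output, so sshd gets no keys for it and public-key authentication for that name fails.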
