nice! Would this directive also stop scp, sftp, or anything else I can't think of?
--- Thanks, Allan Marcus 505-667-5666 On Jul 2, 2009, at 10:24 AM, Michael Semcheski wrote: > > On Thu, Jul 2, 2009 at 12:21 PM, Allan Marcus<al...@lanl.gov> wrote: >> Would I need to write a bunch of fugly stuff in my sshd_config to >> limit what the puppet user can do via the ssh command? any examples? > > You put the client's key in /root/.ssh/authorized_keys. All you need > to do is prepend this to it: > > command="/usr/sbin/puppetca",no-pty,no-port-forwarding > > Check the documentation for your version of sshd to be sure. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
