2003-03-13T07:33:52 Reckhard, Tobias: > However, from the output of "rsync -vvv ..." on the client and "sshd -d ..." > on the server it appears to me that no command is passed to the sshd on the > server when uploading data.
I'm not sure about those techniques for finding it, I haven't tried
'em, but whether the techniques have a hole or there was an
observational error, J.W. Schultz was right, you missed it.
Here's the trick to find it.
sshd deals with a .authorized_keys file where a key line is
preceeded by
command="foo bar baz" (key here)
by running foo, with args bar and baz, ignoring whatever command was
requested by the client ssh. Instead, the client ssh's requested
command is shoved into the environment variable
SSH_ORIGINAL_COMMAND. So set up your key like this:
command=/path/to/wrapper (key here)
and have wrapper contain
#!/bin/sh
echo "$SSH_ORIGINAL_COMMAND" >>/tmp/sshcmdlog
exec $SSH_ORIGINAL_COMMAND
and try your rsync. It'll work as usual, and as a side-effect the
command it requested will be logged. Then update your
.authorized_keys line to reflect the exact command you want to allow
and voila.
-Bennett
pgp00000.pgp
Description: PGP signature
-- To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html
