On 12/10/23 16:14, Alex wrote:
The contents of my /root/.ssh/authorized_keys for the command I want to execute
is something like this:
command="/usr/bin/rsync --server --sender -logDtprze.iLs --numeric-ids .
/",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQC....
I want to upgrade this to instead use an ed25519 key and define a more specific
path.
I've also tried the SSH_ORIGINAL_COMMAND environment variable, but it doesn't
seem to be set.
Trying to guess the exact rsync string may be difficult and unreliable.
There may be random parts inside, and things depending on options.
Next version could change everything.
The right way is force command to a script written by you (doing all the
restrictions
and security checks you want) and use the SSH_ORIGINAL_COMMAND approach inside
it, that is
executing rsync inside your script.
Wondering why you do not see the variable set.
Regards.
--
Roberto Ragusa mail at robertoragusa.it
--
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
