command= and arbitrary keys...
marek at bmlv.gv.at
Mon Dec 3 16:46:05 EST 2001
>I've asked this question before, but I was never able to fix the problem,
>and now it's back again and I'd like to try and resolve it.
>I have an authorized_keys file with about twenty keys, most of which are
>prefaced with command="/usr/bin/rsync ...". If I put my host key at the
>top of the authorized_keys file, I can connect without a problem. If it
>gets put near the bottom, ssh seems to pick an arbitrary key, accepts my
>passphrase, and starts to run one of the rsync commands.
>One of the thoughts was that because many of the hosts are running
>openssh-2.3 and not the latest. If it's likely this is the problem, I'll
>upgrade them all, but there are a lot of hosts, and I'd rather not do it
>if it isn't necessary..
>Other ideas, perhaps?
Well, I read here that it "accepts your passphrase" - how does this work,
then? If you use keys, you need no passphrase - if you use passwords,
it won't do the commands in ~/.ssh/authorized_keys2.
And to turn off the agent as Cameron Simpson told previously, it's sufficient
to clear the environment variable SSH_AUTH_SOCK (at least on UNIX).
Hope that helps!
More information about the rsync