SSH command when uploading files
Bennett Todd
bet at rahul.net
Fri Mar 14 12:38:32 EST 2003
2003-03-13T07:33:52 Reckhard, Tobias:
> However, from the output of "rsync -vvv ..." on the client and "sshd -d ..."
> on the server it appears to me that no command is passed to the sshd on the
> server when uploading data.
I'm not sure about those techniques for finding it, I haven't tried
'em, but whether the techniques have a hole or there was an
observational error, J.W. Schultz was right, you missed it.
Here's the trick to find it.
sshd deals with a .authorized_keys file where a key line is
preceeded by
command="foo bar baz" (key here)
by running foo, with args bar and baz, ignoring whatever command was
requested by the client ssh. Instead, the client ssh's requested
command is shoved into the environment variable
SSH_ORIGINAL_COMMAND. So set up your key like this:
command=/path/to/wrapper (key here)
and have wrapper contain
#!/bin/sh
echo "$SSH_ORIGINAL_COMMAND" >>/tmp/sshcmdlog
exec $SSH_ORIGINAL_COMMAND
and try your rsync. It'll work as usual, and as a side-effect the
command it requested will be logged. Then update your
.authorized_keys line to reflect the exact command you want to allow
and voila.
-Bennett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/rsync/attachments/20030313/3a57e395/attachment.bin
More information about the rsync
mailing list