SSH command when uploading files

Bennett Todd bet at
Fri Mar 14 12:38:32 EST 2003

2003-03-13T07:33:52 Reckhard, Tobias:
> However, from the output of "rsync -vvv ..." on the client and "sshd -d ..."
> on the server it appears to me that no command is passed to the sshd on the
> server when uploading data.

I'm not sure about those techniques for finding it, I haven't tried
'em, but whether the techniques have a hole or there was an
observational error, J.W. Schultz was right, you missed it.

Here's the trick to find it.

sshd deals with a .authorized_keys file where a key line is
preceeded by

	command="foo bar baz" (key here)

by running foo, with args bar and baz, ignoring whatever command was
requested by the client ssh. Instead, the client ssh's requested
command is shoved into the environment variable
SSH_ORIGINAL_COMMAND. So set up your key like this:

	command=/path/to/wrapper (key here)

and have wrapper contain

	echo "$SSH_ORIGINAL_COMMAND" >>/tmp/sshcmdlog

and try your rsync. It'll work as usual, and as a side-effect the
command it requested will be logged. Then update your
.authorized_keys line to reflect the exact command you want to allow
and voila.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the rsync mailing list