forcecommand.sh revision 295367
1# $OpenBSD: forcecommand.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ 2# Placed in the Public Domain. 3 4tid="forced command" 5 6cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 7 8cp /dev/null $OBJ/authorized_keys_$USER 9for t in ${SSH_KEYTYPES}; do 10 printf 'command="true" ' >>$OBJ/authorized_keys_$USER 11 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER 12done 13 14for p in ${SSH_PROTOCOLS}; do 15 trace "forced command in key option proto $p" 16 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 17 fail "forced command in key proto $p" 18done 19 20cp /dev/null $OBJ/authorized_keys_$USER 21for t in ${SSH_KEYTYPES}; do 22 printf 'command="false" ' >> $OBJ/authorized_keys_$USER 23 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER 24done 25 26cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 27echo "ForceCommand true" >> $OBJ/sshd_proxy 28 29for p in ${SSH_PROTOCOLS}; do 30 trace "forced command in sshd_config overrides key option proto $p" 31 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 32 fail "forced command in key proto $p" 33done 34 35cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 36echo "ForceCommand false" >> $OBJ/sshd_proxy 37echo "Match User $USER" >> $OBJ/sshd_proxy 38echo " ForceCommand true" >> $OBJ/sshd_proxy 39 40for p in ${SSH_PROTOCOLS}; do 41 trace "forced command with match proto $p" 42 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 43 fail "forced command in key proto $p" 44done 45