1 # $OpenBSD: forcecommand.sh,v 1.4 2017/04/30 23:34:55 djm Exp $
2 # Placed in the Public Domain.
6 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
8 cp /dev/null $OBJ/authorized_keys_$USER
9 for t in ${SSH_KEYTYPES}; do
10 printf 'command="true" ' >>$OBJ/authorized_keys_$USER
11 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
14 trace "forced command in key option"
15 ${SSH} -F $OBJ/ssh_proxy somehost false || fail "forced command in key"
17 cp /dev/null $OBJ/authorized_keys_$USER
18 for t in ${SSH_KEYTYPES}; do
19 printf 'command="false" ' >> $OBJ/authorized_keys_$USER
20 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
23 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
24 echo "ForceCommand true" >> $OBJ/sshd_proxy
26 trace "forced command in sshd_config overrides key option"
27 ${SSH} -F $OBJ/ssh_proxy somehost false || fail "forced command in key"
29 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
30 echo "ForceCommand false" >> $OBJ/sshd_proxy
31 echo "Match User $USER" >> $OBJ/sshd_proxy
32 echo " ForceCommand true" >> $OBJ/sshd_proxy
34 trace "forced command with match"
35 ${SSH} -F $OBJ/ssh_proxy somehost false || fail "forced command in key"