From owner-freebsd-questions@freebsd.org Sun Jul 5 19:28:29 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BA6CDACC2 for ; Sun, 5 Jul 2015 19:28:29 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 487561BDD for ; Sun, 5 Jul 2015 19:28:29 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local (liminal.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3636:3bff:fed4:b0d6]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.15.1/8.15.1) with ESMTPSA id t65JSO8u049578 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 5 Jul 2015 20:28:24 +0100 (BST) (envelope-from matthew@FreeBSD.org) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org DKIM-Filter: OpenDKIM Filter v2.9.2 smtp.infracaninophile.co.uk t65JSO8u049578 Authentication-Results: smtp.infracaninophile.co.uk/t65JSO8u049578; dkim=none reason="no signature"; dkim-adsp=none; dkim-atps=neutral X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host liminal.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3636:3bff:fed4:b0d6] claimed to be liminal.local Message-ID: <55998551.3040100@FreeBSD.org> Date: Sun, 05 Jul 2015 20:28:17 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Mix'n'match between packages an ports? References: <20150630115303.GA1331@aurora.oekb.co.at> <20150630132725.e3ab60f2ac8b1d3e4662a535@sohara.org> <86k2ue7cvk.fsf@red.stonehenge.com> <20150705194059.59a973de61df73f4ccf5a415@sohara.org> <20150705185905.GA85635@neutralgood.org> In-Reply-To: <20150705185905.GA85635@neutralgood.org> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="G9ApVWt8aOB1s8KjK2Lld4u5JmQDDEGfU" X-Virus-Scanned: clamav-milter 0.98.7 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Jul 2015 19:28:29 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --G9ApVWt8aOB1s8KjK2Lld4u5JmQDDEGfU Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 05/07/2015 19:59, kpneal@pobox.com wrote: > Is anyone using ssh urls? If so, _exactly_ what command is executed on > the server side when the client ssh's in? I need to know to setup ssh > keys that can execute only one command when used. Try using the forced command feature to run a shell script that logs the SSH_ORIGINAL_COMMAND variable, and then execs it. Actually, that's a good general approach in general: make the forced command a shell script that can examine SSH_ORIGINAL_COMMAND and decide whether or not to execute the original command. Cheers, Matthew --G9ApVWt8aOB1s8KjK2Lld4u5JmQDDEGfU Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) iQJ8BAEBCgBmBQJVmYVYXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATRcEP/j9+IJWZAobv4w/8GXnnRqTN cB79eP1zPlrMVWxNGf5hBcZUz2g4UNI0TWBczjHtY7kf4RhrBwCUjjDbufRVdlpd B9BMRlkeTnMoaNwtJnYmVr5LQo3/M8Omd+7H2a9kRhTexb23krRx7jCMUiqHXUzO FcRwS+gpFUlkdqVS0pgBgbkNU6u3Cg2CC98sYgE1ZzEIWrnApDDMIAknwzvRrdxr F9k9ORQhiE8eOzSuDHLWqiKQ7Ymy7IXtL4dhIzfYyIw0VwDkf1J0xrHumWO6bt+e shwU9m2zp0cqw44f0wXVbQ28CA4iq1CXDFvGUhTxlajeJVY57mswSLKRtAZ2jmzc 7NzFF/TfElff7EXAppQfg4JurRm3wS1AWF37/82+5hcb64skLXD/oDLtbJHB5LyU 3NuagSH148OjgFPamdffw68AMD7f5a8ubqNO6+Wztt3A9vgGx44byj7nlgPTNSFW ezDOBPjo740ZC6OGg/OkfUZ6VpWQ5vqB8P6IVyhcS31gMq6kKAHu6dmyBVztiA4e vTgJlxRLaCY1oXMle35SqknpXqRh0qrAihwN3HqHC2H9rf9zdq3nnnHhbMvNlBQd QYOcbZMFiMl9r6AXjc/gQ+o7ExgIM1CWT0tn2u6q0YO43zaLdJtAdIyX7Ylc4hFS ppa/67Dni7xlU2lE78K+ =n9Ck -----END PGP SIGNATURE----- --G9ApVWt8aOB1s8KjK2Lld4u5JmQDDEGfU--