Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Sep 2005 16:27:18 +0100
From:      markzero <mark@darklogik.org>
To:        freebsd-security@freebsd.org
Subject:   Tunnel-only SSH keys
Message-ID:  <20050922152718.GB91509@logik.internal.network>
next in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Hello.

I once read somewhere that it's possible to limit SSH pubkeys to
'tunnel-only'. I can't seem to find any information about this
in any of the usual places.

I'm going to be deploying a few servers in a couple of days and
I'd like them to log to a central server over an SSH tunnel (using
syslog-ng) however I'd like to prevent actual logins (hence
'tunnel-only').

Can this be done with OpenSSH? I'd like to try and stay away from
the complexities of a chrooted-stunnel for now...

cheers,
M

-- 
pgp: http://www.darklogik.org/pub/pgp/pgp.txt
0160 A46A 9A48 D3B0 C92F B690 17FB 4B72 0207 ED43

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iQIVAwUBQzLNVRf7S3ICB+1DAQpHhRAAvno1gxbg3GrCsuKAf0ALMH9B/AOd6+od
iSTGDMKGV3DatoZbyVTql13Sak8n9IUjt8RRoycmBgqYQXcggRrtuf40N4gI9kIK
SjiSMWFxTDyxX/iyftb/ca+LA8eGbPCyJRfFW2ZO5hB6aX9Q0yFQjXlhmF+TsOTy
VPiBbNp7bdK3lap1rSWxyvmtGl0jHzo4JY+5CU5GSGbQrf8hfCfuhksluCiSNMLq
gi7+uBLs3Oa/F256FHYViShyN2BOKCksrXzPQ58FymfgZ+nRuN2yxfT1t8vvz3ZX
7C3bzkVZSyXpqDG6DWWl22Ypt7I9tOisFl0EAfxrNkY9B8h/UMhg/P7Hpi34Of95
NY/BWGO8U8iOMNuHTWDmxn1+EL+W8+P6eizAzdPbPtLBI6h3HCW0YXx96uVcD2Xp
JkzbOxQlp12QEfrKBYcXJU1jrklZaE8KgM+cK3sSIMQNmnW5X5mbIWY9NZFl/d2x
bVWBpfKXG/JWrXf1fxwPWHB8ZOtlvp9pk1dEAr7QC+c+H0g/7FtjJTVgPbNcf7DW
amE+bprUo/bEw48Ow9ZYFYBHgalCGV+6Lwq/gobAe6sgCg4XYGZZTs8a6FGYP21B
2zu6St83ZjeT0tez+GbGy915e0raU0qyOokxevZ4ggRU4LRs7CFi3T9s3XP0t9p0
OhxjGv8to6Q=
=3N/I
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050922152718.GB91509>