Date: Thu, 22 Sep 2005 09:22:38 -0700 From: David Wolfskill <david@catwhisker.org> To: freebsd-security@freebsd.org Subject: Re: Tunnel-only SSH keys Message-ID: <20050922162238.GZ54033@bunrab.catwhisker.org> In-Reply-To: <20050922152718.GB91509@logik.internal.network> References: <20050922152718.GB91509@logik.internal.network>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 22, 2005 at 04:27:18PM +0100, markzero wrote: > Hello. > > I once read somewhere that it's possible to limit SSH pubkeys to > 'tunnel-only'. I can't seem to find any information about this > in any of the usual places. > ... > Can this be done with OpenSSH? I'd like to try and stay away from > the complexities of a chrooted-stunnel for now... See the section "AUTHORIZED_KEYS FILE FORMAT" in the sshd man page. There is also a discussion of this in the O'Reilly _SSH_ book. Peace, david -- David H. Wolfskill david@catwhisker.org Prediction is difficult, especially if it involves the future. -- Niels Bohr See http://www.catwhisker.org/~david/publickey.gpg for public key.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050922162238.GZ54033>