Georg Pfuetzenreuter
194a71e968
In use cases where one user is supposed to be reachable with multiple public keys, but where each public key should only have access to a specific set of commands, the variable $SSH_USER_AUTH will be considered together with colon separated username->key pairs in the configuration to determine the set of commands to use. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
15 lines
304 B
Prolog
15 lines
304 B
Prolog
# the patterns are read as regular expressions and anchored with ^ and $ by default
|
|
(
|
|
'georg2:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFY7Pvf4Rzn7C8Ioi1ZvY/O7tJsMCv27URdQE5o1daDK' => [
|
|
'echo hi',
|
|
'true',
|
|
'printf %s [a-z0-9 ]+',
|
|
],
|
|
'georg2' => [
|
|
'echo bye',
|
|
],
|
|
'root' => [
|
|
'ls -a /root',
|
|
],
|
|
)
|