Georg Pfuetzenreuter
e3885fc2a3
In use cases where one user is supposed to be reachable with multiple public keys, but where each public key should only have access to a specific set of commands, the variable $SSH_USER_AUTH will be considered together with colon separated username->key pairs in the configuration to determine the set of commands to use. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
13 lines
285 B
Prolog
13 lines
285 B
Prolog
# the patterns are read as regular expressions and anchored with ^ and $ by default
|
|
(
|
|
'georg:ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP9tSdeqfI9YCm0mHll2lXXgf/kvQQJUMg7QVIMTZ/7P' => [
|
|
# 'georg' => [
|
|
'echo hi',
|
|
'true',
|
|
'printf %s [a-z0-9 ]+',
|
|
],
|
|
'root' => [
|
|
'ls -a /root',
|
|
],
|
|
)
|