Hi, Jonathan Yu <[email protected]> writes: > On Sun, Jul 27, 2014 at 4:54 AM, Marc Haber <[email protected]> > wrote: > >> Why would one use such a tool? passphraseless keys exist, and can be >> configured to be secure. > > This sounds interesting. Do you have a link to some documentation on this > technique?
It is possible to restrict keys in .ssh/authorized_keys so that they are only allowed to run specific commands, see the 'command="command"' bit in man:sshd(8). One probably wants to combine this with no-port-forwarding and similar options. Ansgar -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
