* Patrick Hsieh ([EMAIL PROTECTED]) [021006 19:37]: > Hello list, > > I'd like to execute a certain command upon someone connect to my server > with "ssh [EMAIL PROTECTED]". I will not authenticate the visitor in > the ssh session, that is, anyone can do "ssh [EMAIL PROTECTED]" in > order to execute my self-defined command or shell script. Is there any
Are you running a web server? Just create a little CGI to do what you want, so that anyone can just GET that URL and the command will run. This should be much less headache than trying to figure out if all of your bases are covered with ssh, since you're not trying to authenticate anyway. You can still get transport-layer security if you run the CGI only on HTTPS. If you want it so that web spiders won't automatically launch your command all the time, just don't put any links to it. You could also do something that's trivial for a human but next to impossible for a search engine cache, like require that the script get today's date as an argument or it won't do anything. This scheme fails when it's not an interactive command, but works great if you just need to run a command and see the output; it can be displayed in the browser when the CGI is run. good times, Vineet -- http://www.doorstop.net/ -- A: No. Q: Should I include quotations after my reply?
msg05669/pgp00000.pgp
Description: PGP signature
