Hi Albert, Have you tried putting that command in the public key for the user in freeipa and setting the user shell to /sbin/nologin or the equivalent?
On 15 December 2012 02:09, Albert Adams <[email protected]> wrote: > In our environment we have several systems where users require access to > the system to setup an SSH tunnel but should not have a shell on the > system. Prior to rolling out IPA we accomplished this with the > authorized_keys file as follows: > > command="/usr/bin/perl -e '$|=1; print \"Tunnel created, use your > webbrowser to connect to the tool\n\";while(1) { print localtime(time) . > \"\n\"; sleep > 60}'",permitopen="localhost:8834",no-agent-forwarding,no-X11-forwarding > > Is there a way to accomplish this in IPA? > > Regards, > Albert > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
