SSH, scp, rsync.. and passwordless logins
Doing some demo stuff, and creating some basic security restriction, so basic that I can easily brake out of it when I want..
And since this a actually a shellshock demo, I’m doing restriction with command=”” in authorized_keys.
But adding rsync/scp in command was not enough, I need the arguments as well… So how do I get them?
Create a small bash script, that gives you the original ssh command…
echo “Original SSH command is ‘$SSH_ORIGINAL_COMMAND'”;
Place this in the command field in authorized keys
command=”/home/user/myscript.sh” ssh-rsa *********
Run your command against your server, and it will feed you back exactly what you need to put in the command=”??”