SSH, scp, rsync.. and passwordless logins

Doing some demo stuff, and creating some basic security restriction, so basic that I can easily brake out of it when I want..
And since this a actually a shellshock demo, I’m doing restriction with command=”” in authorized_keys.

But adding rsync/scp in command was not enough, I need the arguments as well… So how do I get them?
Create a small bash script, that gives you the original ssh command…

echo “Original SSH command is ‘$SSH_ORIGINAL_COMMAND'”;
exit 0

Place this in the command field in authorized keys

command=”/home/user/” ssh-rsa *********

Run your command against your server, and it will feed you back exactly what you need to put in the command=”??”

Leave a Comments