27Mar
Security of only allowing a few vetted commands using $SSH_ORIGINAL_COMMAND
Using a authorized_keys forced command with ssh and a wrapper-script like this:
#!/usr/bin/env bash
case “$SSH_ORIGINAL_COMMAND” in
/var/lib/authorized-scripts/*)
$SSH_ORIGINAL_COMMAND
;;
*)
exit 1
;;
esac
Can a mal…