On Sun, Jan 02, 2005 at 03:15:44PM +0100, Mathieu Roy wrote:
> Commit from yeupou on branch DEV_2004-12-28_Savannah (2005-01-02 15:15 CET)
> ----------------------------------------------------
>
> Comment out a test being made on the ssh key type: I'm not sure we can do
> these test here.
> # An ssh server can be configured to accept only specific protocols.
> # Having Savane doing this kind of override looks way too
> site-specific.
> '
>
> savane lib/Savannah/User.pm 1.31.2.6
>From man sshd:
AUTHORIZED_KEYS FILE FORMAT
[...]
Each line of the file contains one key (empty lines and lines
starting with a `#' are ignored as comments). Each RSA public
key consists of the following fields, separated by spaces:
options, bits, exponent, modulus, comment. Each protocol version
2 public key consists of: options, key� type, base64 encoded key,
comment. The options fields are optional; its presence is
determined by whether the line starts with a number or not (the
option field never starts with a number). The bits, exponent,
modu� lus and comment fields give the RSA key for protocol
version 1; the com� ment field is not used for anything (but may
be convenient for the user to identify the key). For protocol
version 2 the keytype is ``ssh-dss'' or ``ssh-rsa''.
This is a test to test the validity of the key, so that user cannot
put invalid stuff in ~/authorized_keys.
It was setup by the FSF sysadmins.
I wonder, do you think one could add "command=/bin/bash " in his key
in a site that doesn't use an authorized_keys prefix (ie Gna!)?
Is the problem, the fact you want to support SSH Protocol v1?
--
Sylvain
_______________________________________________
Savane-dev mailing list
[email protected]
https://mail.gna.org/listinfo/savane-dev
