diff options
Diffstat (limited to 'bin/ssh-forcecommand')
| -rwxr-xr-x | bin/ssh-forcecommand | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/bin/ssh-forcecommand b/bin/ssh-forcecommand index 5443920..a355656 100755 --- a/bin/ssh-forcecommand +++ b/bin/ssh-forcecommand @@ -47,14 +47,14 @@ This is B<ssh-forcecommand> version 1.0 =head1 DESCRIPTION B<ssh-forcecommand> is a trivial script to safely execute remote commands via -ssh. It is especially aimed at automated remote commands (so, ssh keys not -secured via password), where a compromise of the remote system (-> private -key) could also compromise the local system. - -To prevent this, you can put the forcecommand into the ssh config -(authorized_keys, to be precise), so the remote system can only execute a set -of statically defined commands. This way, compromising the local system is -made much more difficult. +ssh. It is especially aimed at automated remote commands (in which ssh keys +are not secured via password), where a compromise of the remote system could +also compromise the local system. + +To prevent this, you can invoke ssh-forcecommand through the ssh +configuration, which will limit the romet system so that it can only execute a +set of statically defined commands. This way, compromising the local system is +made much more diffecult. =head1 CONFIGURATION |