1 # $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $ 2 # Placed in the Public Domain. 3 4 tid="forced command" 5 6 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 7 8 echon 'command="true" ' >$OBJ/authorized_keys_$USER 9 cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 10 echon 'command="true" ' >>$OBJ/authorized_keys_$USER 11 cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 12 13 for p in 1 2; do 14 trace "forced command in key option proto $p" 15 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 16 fail "forced command in key proto $p" 17 done 18 19 echon 'command="false" ' >$OBJ/authorized_keys_$USER 20 cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 21 echon 'command="false" ' >>$OBJ/authorized_keys_$USER 22 cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 23 24 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 25 echo "ForceCommand true" >> $OBJ/sshd_proxy 26 27 for p in 1 2; do 28 trace "forced command in sshd_config overrides key option proto $p" 29 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 30 fail "forced command in key proto $p" 31 done 32 33 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 34 echo "ForceCommand false" >> $OBJ/sshd_proxy 35 echo "Match User $USER" >> $OBJ/sshd_proxy 36 echo " ForceCommand true" >> $OBJ/sshd_proxy 37 38 for p in 1 2; do 39 trace "forced command with match proto $p" 40 ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 41 fail "forced command in key proto $p" 42 done 43
