- djm@cvs.openbsd.org 2012/10/30 21:29:55 [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] [sshd.c sshd_config sshd_config.5] new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@

commit: 09d3e1251250dcf45e5434cd474430e4ec5e8639 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Wed Oct 31 08:58:58 2012 +1100
committer: Damien Miller <djm@mindrot.org> Wed Oct 31 08:58:58 2012 +1100
tree: 674ce6528821636740dce3a32ac1634b397643c9
parent: 07daed505f1cd6a0beff4d060b588debcc1ca8c8 [diff] [blame]
diff --git a/sshd_config b/sshd_config
index 9424ee2..3d35bef 100644
--- a/sshd_config
+++ b/sshd_config

@@ -1,4 +1,4 @@
-#	$OpenBSD: sshd_config,v 1.87 2012/07/10 02:19:15 djm Exp $
+#	$OpenBSD: sshd_config,v 1.88 2012/10/30 21:29:55 djm Exp $
 
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
@@ -51,6 +51,9 @@
 
 #AuthorizedPrincipalsFile none
 
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
 #RhostsRSAAuthentication no
 # similar for protocol version 2
commit	09d3e1251250dcf45e5434cd474430e4ec5e8639	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Wed Oct 31 08:58:58 2012 +1100
committer	Damien Miller <djm@mindrot.org>	Wed Oct 31 08:58:58 2012 +1100
tree	674ce6528821636740dce3a32ac1634b397643c9
parent	07daed505f1cd6a0beff4d060b588debcc1ca8c8 [diff] [blame]