Mike Burger wrote: > Mikkel wrote: >> Or don't log in at all. Use scp to copy the file, and then ssh where >> it is set to run a command when you connect. (Use the >> comand="comand" format for the key.) One thing I am not sure of is >> if you can use the same key for scp when using the command= option. > > Well, is part of the openssh suite, and does/will use the same key as the > ssh executable. > > I use keys to scp and ssh to run commands all the time, without having to > pass passwords along, in order to automate processes, all the time. > I do the same. But I have never tried to use the private key that was tied to a command on the other machine with scp, so I do not know if scp will work with a key that is only allowed to run one program on the remote machine. (You can not "login" in using that key.) What I was thinking of was: scp file to remote machine ssh to remote machine witch triggers a command on the remote machine. From the sshd man page: command="command" Specifies that the command is executed whenever this key is used for authentication. The command supplied by the user (if any) is ignored. The command is run on a pty if the client requests a pty; otherwise it is run without a tty. If an 8-bit clean channel is required, one must not request a pty or should specify no-pty. A quote may be included in the command by quoting it with a backslash. This option might be useful to restrict certain public keys to perform just a specific operation. An example might be a key that permits remote backups but nothing else. Note that the client may specify TCP and/or X11 forwarding unless they are explicitly prohibited. The command originally supplied by the client is available in the SSH_ORIGINAL_COMMAND environment variable. Note that this option applies to shell, command or subsystem execution. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Description: OpenPGP digital signature