[Freeipa-users] Allow IPA users to create SSH tunnel with no shell
Albert Adams
biteoag at gmail.com
Fri Dec 14 16:09:03 UTC 2012
In our environment we have several systems where users require access to
the system to setup an SSH tunnel but should not have a shell on the
system. Prior to rolling out IPA we accomplished this with the
authorized_keys file as follows:
command="/usr/bin/perl -e '$|=1; print \"Tunnel created, use your
webbrowser to connect to the tool\n\";while(1) { print localtime(time) .
\"\n\"; sleep
60}'",permitopen="localhost:8834",no-agent-forwarding,no-X11-forwarding
Is there a way to accomplish this in IPA?
Regards,
Albert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121214/126d052d/attachment.htm>
More information about the Freeipa-users
mailing list