Dave Hammond
2006-03-14 21:54:03 UTC
System: SuSE version 9
I'm trying to configure SSHD to allow root login only for remote
commands. According to the description of PermitRootLogin in the
sshd_config man page:
"If this option is set to ``forced-commands-only'' root login with
public key authentication will be allowed, but only if the command
option has been specified".
Currently, SSHD is configured for root equivalence between the two
servers (id_dsa, id_dsa.pub, and known_hosts2 are identical), so that
if PermitRootLogin is yes, no password is required. If I issue the
command:
# ssh ***@host "date"
the date command runs immediately. However, after I change the value to
"forced-commands-only", the remote server requires a password when I
issue the same command. Clearly, the identical set of id_dsa* and
known_hosts2 files does not satisfy the required public key
authentication.
Any advice or pointers on how to accomplish the required public key
authentication would be greatly appreciated. Thanks!
-Dave H.
I'm trying to configure SSHD to allow root login only for remote
commands. According to the description of PermitRootLogin in the
sshd_config man page:
"If this option is set to ``forced-commands-only'' root login with
public key authentication will be allowed, but only if the command
option has been specified".
Currently, SSHD is configured for root equivalence between the two
servers (id_dsa, id_dsa.pub, and known_hosts2 are identical), so that
if PermitRootLogin is yes, no password is required. If I issue the
command:
# ssh ***@host "date"
the date command runs immediately. However, after I change the value to
"forced-commands-only", the remote server requires a password when I
issue the same command. Clearly, the identical set of id_dsa* and
known_hosts2 files does not satisfy the required public key
authentication.
Any advice or pointers on how to accomplish the required public key
authentication would be greatly appreciated. Thanks!
-Dave H.