author | Russ Allbery <eagle@eyrie.org> | 2016-07-29 12:52:14 -0700 |
---|---|---|
committer | Russ Allbery <eagle@eyrie.org> | 2016-07-29 12:52:14 -0700 |
commit | 6ce766d4b770592e3c893d36a00b9fa822992182 (patch) | |
tree | 3289007c6a03ce2d53b83bf4ff8b5a32638408eb /docs | |
parent | 5b21e5fdaa8e1e3635f4506514318ad4dd574173 (diff) | |
parent | 3d465eae3de8463c818e97e6994f4fab08d1497d (diff) |
Imported Upstream version 3.12
Diffstat (limited to 'docs')
-rw-r--r-- | docs/remctl-shell.8.in | 13 |
-rw-r--r-- | docs/remctl-shell.pod | 11 |
2 files changed, 24 insertions, 0 deletions
diff --git a/docs/remctl-shell.8.in b/docs/remctl-shell.8.in index b39be98..edea4f0 100644 --- a/docs/remctl-shell.8.in +++ b/docs/remctl-shell.8.in @@ -227,6 +227,14 @@ user identities that look like Kerberos principal names is strongly recommended, since it may make it easier to use some of the \s-1ACL\s0 methods intended for the normal remctl server. .PP +Since this relies on setting environment variables via \f(CW\*(C`authorized_keys\*(C'\fR, +you unfortunately have to enable \f(CW\*(C`PermitUserEnvironment\*(C'\fR in +\&\fIsshd_config\fR (this is not the default) by adding: +.PP +.Vb 1 +\& PermitUserEnvironment yes +.Ve +.PP \&\fBremctl-shell\fR will not make use of forwarded connections or agents, and will not pass them along to the processes they run, so all such ssh options should normally be disabled for defense in depth security. @@ -398,6 +406,11 @@ normally run as that user and the \f(CW\*(C`user\*(C'\fR configuration option wi work. The easiest way to run commands as other users is to have the underlying command use \fBsudo\fR or some other user switching mechanism, which will normally require additional local configuration. +.PP +User environment setting has to be enabled in \fBsshd\fR by setting the +non-default \f(CW\*(C`PermitUserEnvironment\*(C'\fR configuration option. A future +version of \fBremctl-shell\fR may use forced commands with an argument +instead of a shell to avoid this. .SH "AUTHOR" .IX Header "AUTHOR" \&\fBremctl-shell\fR was written by Russ Allbery <eagle@eyrie.org>. Many diff --git a/docs/remctl-shell.pod b/docs/remctl-shell.pod index af3cfc7..0322a0e 100644 --- a/docs/remctl-shell.pod +++ b/docs/remctl-shell.pod 
@@ -90,6 +90,12 @@ user identities that look like Kerberos principal names is strongly recommended, since it may make it easier to use some of the ACL methods intended for the normal remctl server. +Since this relies on setting environment variables via C<authorized_keys>, +you unfortunately have to enable C<PermitUserEnvironment> in +F<sshd_config> (this is not the default) by adding: + + PermitUserEnvironment yes + B<remctl-shell> will not make use of forwarded connections or agents, and will not pass them along to the processes they run, so all such ssh options should normally be disabled for defense in depth security. @@ -283,6 +289,11 @@ work. The easiest way to run commands as other users is to have the underlying command use B<sudo> or some other user switching mechanism, which will normally require additional local configuration. +User environment setting has to be enabled in B<sshd> by setting the +non-default C<PermitUserEnvironment> configuration option. A future +version of B<remctl-shell> may use forced commands with an argument +instead of a shell to avoid this. + =head1 AUTHOR B<remctl-shell> was written by Russ Allbery <eagle@eyrie.org>. Many |
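Review bot: The paragraph added ahead of "remctl-shell will not make use of forwarded connections" (docs/remctl-shell.pod @@ -90,6 +90,12, mirrored in docs/remctl-shell.8.in @@ -227,6 +227,14) tells the administrator to add "PermitUserEnvironment yes" and calls that unfortunate, but never says why. Because the text places the option in sshd_config rather than in the remctl account's authorized_keys, the reader needs to know whether it changes sshd behaviour for other accounts on the host. Suggest one added sentence stating what the option permits and for whom, and which environment variables remctl-shell actually reads from authorized_keys, so the administrator can see what the setting is being turned on for.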
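Review bot: The caveat added ahead of "=head1 AUTHOR" (docs/remctl-shell.pod @@ -283,6 +289,11, mirrored in docs/remctl-shell.8.in @@ -398,6 +406,11) restates the requirement under a different name, "User environment setting", with no pointer back to the configuration paragraph that shows the sshd_config line. Suggest using the same wording in both places, for example "setting environment variables via authorized_keys", and saying what the planned forced-command approach would avoid, since "to avoid this" currently reads as avoiding only the need to change a non-default option.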