| version 1.200, 2015/04/29 03:48:56 |
version 1.201, 2015/05/21 06:38:35 |
|
|
| of a single authentication method is sufficient. |
of a single authentication method is sufficient. |
| .It Cm AuthorizedKeysCommand |
.It Cm AuthorizedKeysCommand |
| Specifies a program to be used to look up the user's public keys. |
Specifies a program to be used to look up the user's public keys. |
| The program must be owned by root and not writable by group or others. |
The program must be owned by root, not writable by group or others and |
| It will be invoked with a single argument of the username |
specified by an absolute path. |
| being authenticated, and should produce on standard output zero or |
.Pp |
| |
Arguments to |
| |
.Cm AuthorizedKeysCommand |
| |
may be provided using the following tokens, which will be expanded |
| |
at runtime: %% is replaced by a literal '%', %u is replaced by the |
| |
username being authenticated, %h is replaced by the home directory |
| |
of the user being authenticated, %t is replaced with the key type |
| |
offered for authentication, %f is replaced with the fingerprint of |
| |
the key, and %k is replaced with the key being offered for authentication. |
| |
If no arguments are specified then the username of the target user |
| |
will be supplied. |
| |
.Pp |
| |
The program should produce on standard output zero or |
| more lines of authorized_keys output (see AUTHORIZED_KEYS in |
more lines of authorized_keys output (see AUTHORIZED_KEYS in |
| .Xr sshd 8 ) . |
.Xr sshd 8 ) . |
| If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh