[linux-elitists] right MTA for crypto support

Aaron T Porter atporter@primate.net
Tue Aug 27 14:21:42 PDT 2002


On Tue, Aug 27, 2002 at 02:10:46PM -0700, Don Marti wrote:
> The -N on the client end means just do the tunnel, don't run
> anything.  (try ssh -N /bin/false example.com)  I'm just wondering if
> specifying /bin/false is a clean enough way to prevent an attacker
> from attempting to actually run some program using that key.  Or is
> there a way to say "don't let this key run anything, it's a tunnel
> only key".

	Whadda ya know, seems to work just fine (using OpenSSH_3.4p1
Debian 1:3.4p1-2 and a DSA key).



More information about the linux-elitists mailing list