[linux-elitists] right MTA for crypto support
Aaron T Porter
Tue Aug 27 14:21:42 PDT 2002
On Tue, Aug 27, 2002 at 02:10:46PM -0700, Don Marti wrote:
> The -N on the client end means just do the tunnel, don't run
> anything. (try ssh -N /bin/false example.com) I'm just wondering if
> specifying /bin/false is a clean enough way to prevent an attacker
> from attempting to actually run some program using that key. Or is
> there a way to say "don't let this key run anything, it's a tunnel
> only key".
Whadda ya know, seems to work just fine (using OpenSSH_3.4p1
Debian 1:3.4p1-2 and a DSA key).
More information about the linux-elitists