1255670Sdes# $OpenBSD: forcecommand.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $ 2162852Sdes# Placed in the Public Domain. 3162852Sdes 4162852Sdestid="forced command" 5162852Sdes 6162852Sdescp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 7162852Sdes 8255670Sdesprintf 'command="true" ' >$OBJ/authorized_keys_$USER 9162852Sdescat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 10255670Sdesprintf 'command="true" ' >>$OBJ/authorized_keys_$USER 11162852Sdescat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 12162852Sdes 13162852Sdesfor p in 1 2; do 14162852Sdes trace "forced command in key option proto $p" 15162852Sdes ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 16162852Sdes fail "forced command in key proto $p" 17162852Sdesdone 18162852Sdes 19255670Sdesprintf 'command="false" ' >$OBJ/authorized_keys_$USER 20162852Sdescat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 21255670Sdesprintf 'command="false" ' >>$OBJ/authorized_keys_$USER 22162852Sdescat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 23162852Sdes 24162852Sdescp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 25162852Sdesecho "ForceCommand true" >> $OBJ/sshd_proxy 26162852Sdes 27162852Sdesfor p in 1 2; do 28162852Sdes trace "forced command in sshd_config overrides key option proto $p" 29162852Sdes ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 30162852Sdes fail "forced command in key proto $p" 31162852Sdesdone 32162852Sdes 33162852Sdescp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 34162852Sdesecho "ForceCommand false" >> $OBJ/sshd_proxy 35162852Sdesecho "Match User $USER" >> $OBJ/sshd_proxy 36162852Sdesecho " ForceCommand true" >> $OBJ/sshd_proxy 37162852Sdes 38162852Sdesfor p in 1 2; do 39162852Sdes trace "forced command with match proto $p" 40162852Sdes ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 41162852Sdes fail "forced command in key proto $p" 42162852Sdesdone 43