Skip to content

daethnir/authprogs

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 2 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
authprogs
Fix --dump_config option; bump to 0.7.5
October 18, 2021 12:00
doc
NFC: update description.rst to include usage reference and fix typo
February 21, 2021 14:35
.gitignore
Add DEVELOPMENT.md; move some bits from INSTALL.md
February 21, 2021 14:39
.ispell_code
NFC: spell check code and yaml
February 21, 2021 14:36
.ispell_default
Add DEVELOPMENT.md; move some bits from INSTALL.md
February 21, 2021 14:39
.ispell_yaml
NFC: spell check code and yaml
February 21, 2021 14:36
AUTHORS.md
Converts to setuptools; improves sdist build.
October 13, 2013 01:05
COPYING
Initial commit of authprogs.
October 11, 2013 16:13
DEVELOPMENT.md
Add DEVELOPMENT.md; move some bits from INSTALL.md
February 21, 2021 14:39
INSTALL.md
Add DEVELOPMENT.md; move some bits from INSTALL.md
February 21, 2021 14:39
MANIFEST.in
Add markdown versions of doc files in manifest
February 21, 2021 14:48
README.md
NFC: fix spelling in markdown files
February 21, 2021 12:18
README.rsync.md
NFC: fix spelling in markdown files
February 21, 2021 12:18
TODO.md
Bump version to 0.7.2 and update TODO
February 21, 2021 12:18
changelog
Fix --dump_config option; bump to 0.7.5
October 18, 2021 12:00
setup.py
Add DEVELOPMENT.md; move some bits from INSTALL.md
February 21, 2021 14:39
Authprogs Installation and Usage Author

README.md

Authprogs

authprogs is an SSH command authenticator. It is invoked on an ssh server and decides if the command requested by the ssh client should be run or rejected based on logic in the authprogs configuration file.

Passwordless SSH using ssh identities or pubkeys can enable all sorts of wonderful automation, for example running unattended batch jobs, slurping down backups, or pushing out code. Unfortunately a key, once trusted, is allowed by default to run anything on that system, not just the small set of commands you actually need. If the key is compromised, you are at risk of a security breach. This could be catastrophic, for example if the access is to the root account.

Authprogs is run on the SSH server and compares the requested command against the authprogs configuration file/files. This enables authprogs to make intelligent decisions based on things such as the command itself, the SSH key that was used, the client IP, and such.

authprogs is enabled by using the command= option in the authorized_keys file.

Installation and Usage

See the full authprogs man page in the doc directory.

Author

Bri Hatch bri@ifokr.org

About

The Authprogs SSH Command Authenticator

Resources

Readme

License

GPL-2.0 license

Stars

11 stars

Watchers

4 watching

Forks

8 forks

Releases 1

v0.7.5 Latest
Oct 31, 2021

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages