login about faq

Is it possible to configure Tectia Server 6.1.4 on Windows Server 2003 that way, that different forced commands are triggered if one user connects with different keys? (using public key authentication to trigger commands on server side) E.g. user connects with 1 key and triggers action a, then the same user connects with another key and triggers action b?

Cheers Sebastian

asked Feb 11 '10 at 12:15

Sebastian%201's gravatar image

Sebastian 1
111

edited Feb 11 '10 at 13:02

Ville%20Laurikari's gravatar image

Ville Laurikari
131129


Yes, you can use public key options in the authorization file for this.

Here's an example authorization file for two different keys with two different forced commands:

Key     key1.pub
Options command="command1.exe"

Key     key2.pub
Options command="command2.exe"

Obviously you need to have key1.pub and key2.pub present in the .ssh2 folder as well. On Windows, the default location for the authorization file is %USERPROFILE%\.ssh2\authorization, where USERPROFILE usually is usually something like "C:\Documents and Settings\username".

There are a number of other options available for public keys besides forced commands. These are documented in the admin guide.

link

answered Feb 11 '10 at 13:00

Ville%20Laurikari's gravatar image

Ville Laurikari
131129

edited Feb 17 '10 at 08:40

I believe our docs are wrong on the location for this on windows. I think on windows the authorization file is actually under %USERPROFILE%.ssh2\authorization, so something like: "C:\Documents and Settings\username.ssh2\authorization" I'll double check this and enter a case for fixing the docs

(Feb 12 '10 at 19:45) Roman ♦♦ Roman's gravatar image

Apparently doesn't work for me.

I have a file authorized_keys:

Key key1.pub Options command="e:\test\a.bat"

The referenced key1.pub resides in the same directory as the authorized_keys file

The path (e:\users\username\Application Data\SSH\Authorization) the authorized_keys file resides in, is configured under "Authentication->Username->Public-Key Authentication->Authorization file"

The used key is valid, i tested connect with it before i configured usage of a authorized_keys file.

When i try and connect, the log-message is: "Could not find the received public key in user's public key authorization file or directory"

Any ideas?

link

answered Feb 12 '10 at 11:03

Sebastian%202's gravatar image

Sebastian 2
1

The file should be called "authorization" and I believe it should reside under %USERPROFILE%.ssh2\ something like "C:\Documents and Settings\username.ssh2\". authorized_keys is the one that OpenSSH uses. Tectia also recognizes that but the format for specifying options is different.

(Feb 12 '10 at 19:47) Roman ♦♦ Roman's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×55
×54
×2

Asked: Feb 11 '10 at 12:15

Seen: 3,968 times

Last updated: Oct 27 '10 at 18:22

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.