Restricting SSH sessions to a single command

Using SSH keys to allow passwordless logins to a server allows cool scripting opportunities. You may want to allow a user to login via SSH, but restrict them to a specific command. This can be done with a command option in your authorized_keys file. If you prepend a command="" option to your SSH key line, SSH will force that command to run that command every time a user with that key connects.

command="/usr/bin/ls /etc -lsa" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDunzvfGJi4qcHixaoCQ0k1kociSYfIlwhXzI1ywtltA user@desktop
Leave A Reply
All content licensed under the Creative Commons License