On 03/21/2014 02:54 AM, Marc Haber wrote: > I would not do that in stdin as this precludes many standard commands > from being used here. How about environment variables for key, > fingerprint and probably comment? If you have the key, you don't need the fingerprint. > Wait, the ssh server doesn't know about a key's comment, does it? the comment is irrelevant to the authorization process, since it's not explicitly bound to the key at all (try exiting the comment in either your id_rsa.pub or in .ssh/authorized_keys -- a mismatch has no effect). Given that, i think authorizedkeyscommand only needs access to the key. --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
