authprogs
  "command=..." processing
  Very handy, but unwieldy.
  Requires separate key for each command.
  Can result in very long authorized_keys lines.
  Management nightmare.
  authprogs
  Perl script front end for authorized_keys commands.
  Gets original command from $SSH_ORIGINAL_COMMAND variable.
  Uses a configuration file to determine if command is authorized based on client host.
  Logs commands that are attempted/allowed.

Copyright 2004, Bri Hatch of Onsight, Inc.

Presented at LFNW - LinuxFest Northwest, Bellingham, Washington, Apr 2004

Presentation created using vim and MagicPoint.