HP-UX Secure Shell A.04.40.006 and A.04.40.007 Release Notes
HP-UX Secure Shell A04.40.006 and A.04.40.007
New Features in OpenSSH 4.4p1
Chapter12
•“The ForceCommand Directive” on page 12
•“The PermitOpen Directive” on page 12
The ForceCommand Directive
The ForceCommand directive forces the execution of the command
specified by ForceCommand, ignoring any other command supplied by the
client. Previous releases of OpenSSH specified this option in the
authorised_keys file. Following is an example of the ForceCommand
functionality:
Example 2 Example of the ForceCommand Directive
The following line is included in the sshd_config file:
ForceCommand pwd
A user on the client system enters the following command:
# ssh remotehost ls /
In such a scenario, pwd is executed regardless of the ls command
executed by the user.
The ForceCommand directive is useful in conjunction with the Match
configuration directive.
The PermitOpen Directive
The PermitOpen directive specifies the destinations to which TCP port
forwarding is permitted. Previous releases of OpenSSH specified this
option in the authorised_keys file.
Example 3 Example of the PermitOpen Directive
The following line is included in the sshd_config file:
PermitOpen host3:23
A user on the client system enters the following command:
# ssh -L 2222:host2:23 host1
SSH does not enable the user to forward traffic to the system. It allows
forwardings only to the host specified by the PermitOpen directive.