场景1:使用RSA身份验证将hostA sftp文件作为user1传入和传出hostB。这很好。
场景2:为了只允许user1的特定命令在hostA上运行在hostB上,我在hostB上的authorized_keys文件中添加了command =“somescript”。这很好但现在从hostA到hostB的SFTP都被破坏了。
hostA# sftp -v user1@hostB
....
....
debug1: Sending subsystem: sftp
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Transferred: sent 3120, received 2720 bytes, in 0.3 seconds
Bytes per second: sent 10837.6, received 9448.1
debug1: Exit status 0
Connection closed
方案3:从hostB中删除来自authorized_keys的命令。 SFTP开始正常工作。
为什么在authorized_keys中指定命令的想法会破坏sftp?