Bug 2160

Summary: Option to disable ~/.ssh/rc in sshd_config
Product: Portable OpenSSH Reporter: Ryan Cox <ryan_cox>
Component: sshdAssignee: Damien Miller <djm>
Status: CLOSED FIXED    
Severity: enhancement CC: djm
Priority: P5    
Version: 6.2p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 2226    
Attachments:
Description Flags
PermitUserRC option for sshd_config none

Description Ryan Cox 2013-10-16 12:53:42 AEDT 
There is an option in ~/.authorized_keys to disable ~/.ssh/rc but none in sshd_config.  We have hundreds of users and would like to disable ~/.ssh/rc globally so that /etc/ssh/sshrc will run for all users.  A new option in sshd_config would be a good solution.

I would be fine with either or both of the following solutions:
* An option to disable user ~/.ssh/rc completely
* An option to run /etc/ssh/sshrc then run ~/.ssh/rc if it exists
Comment 1 Damien Miller 2014-07-03 15:26:49 AEST 
Created attachment 2452 [details]
PermitUserRC option for sshd_config

This adds a PermitUserRC option for sshd_config
Comment 2 Damien Miller 2014-07-04 09:10:38 AEST 
patch applied - this will be in openssh-6.7. Thanks!
Comment 3 Damien Miller 2014-10-08 08:00:34 AEDT 
Close all bugs left open from 6.6 and 6.7 releases.