2160 – Option to disable ~/.ssh/rc in sshd_config

Bug 2160 - Option to disable ~/.ssh/rc in sshd_config

Summary: Option to disable ~/.ssh/rc in sshd_config

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	6.2p1
Hardware:	All All

Importance:	P5 enhancement
Assignee:	Damien Miller

URL:
Keywords:

Depends on:
Blocks:	V_6_7
	Show dependency tree / graph

Reported:	2013-10-16 12:53 AEDT by Ryan Cox
Modified:	2014-10-08 08:00 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
PermitUserRC option for sshd_config (4.50 KB, patch) 2014-07-03 15:26 AEST, Damien Miller	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ryan Cox 2013-10-16 12:53:42 AEDT

There is an option in ~/.authorized_keys to disable ~/.ssh/rc but none in sshd_config.  We have hundreds of users and would like to disable ~/.ssh/rc globally so that /etc/ssh/sshrc will run for all users.  A new option in sshd_config would be a good solution.

I would be fine with either or both of the following solutions:
* An option to disable user ~/.ssh/rc completely
* An option to run /etc/ssh/sshrc then run ~/.ssh/rc if it exists

Comment 1 Damien Miller 2014-07-03 15:26:49 AEST

Created attachment 2452 [details]
PermitUserRC option for sshd_config

This adds a PermitUserRC option for sshd_config

Comment 2 Damien Miller 2014-07-04 09:10:38 AEST

patch applied - this will be in openssh-6.7. Thanks!

Comment 3 Damien Miller 2014-10-08 08:00:34 AEDT

Close all bugs left open from 6.6 and 6.7 releases.