{"id":3952,"date":"2020-02-10T10:20:00","date_gmt":"2020-02-10T09:20:00","guid":{"rendered":"https:\/\/www.unicoda.com\/?p=3952"},"modified":"2020-01-10T22:14:33","modified_gmt":"2020-01-10T21:14:33","slug":"restreindre-les-actions-dune-cle-ssh","status":"publish","type":"post","link":"https:\/\/www.unicoda.com\/?p=3952","title":{"rendered":"Restreindre les actions d&rsquo;une cl\u00e9 ssh"},"content":{"rendered":"\n<p>Petite d\u00e9couverte qui m\u00e9rite d&rsquo;\u00eatre not\u00e9e, il est possible d&rsquo;appliquer des restrictions \u00e0 une cl\u00e9 SSH sur la machine cible. Dans le fichier authorized_keys, on pourra en particulier restreindre la cl\u00e9 \u00e0 une IP source, une plage d&rsquo;IP, ou encore un domaine avec le param\u00e8tre from (Voir la documentation pour la syntaxe). Le param\u00e8tre command, permet quant \u00e0 lui de restreindre les possibilit\u00e9s d&rsquo;ex\u00e9cution de commande en for\u00e7ant l&rsquo;ex\u00e9cution de la commande configur\u00e9e une fois l&rsquo;authentification r\u00e9ussie. Le r\u00e9sultat de la commande est renvoy\u00e9 en retour imm\u00e9diat de la commande ssh. Il existe \u00e9galement un certain nombre d&rsquo;autres options, par exemple no-port-forwarding ou no-x11-forwarding comme pr\u00e9cis\u00e9 dans le manuel. Voir aussi \u00ab\u00a0Configuring authorized_keys for OpenSSH\u00a0\u00bb.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">from=\"192.168.10.42\",command=\"\/bin\/date\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding ssh-rsa xxxx exemple@unicoda.com<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Petite d\u00e9couverte qui m\u00e9rite d&rsquo;\u00eatre not\u00e9e, il est possible d&rsquo;appliquer des restrictions \u00e0 une cl\u00e9 SSH sur la machine cible. Dans le fichier authorized_keys, on pourra en particulier restreindre la cl\u00e9 \u00e0 une IP source, une plage d&rsquo;IP, ou encore un domaine avec le param\u00e8tre from (Voir la documentation pour la syntaxe). Le param\u00e8tre command, &hellip; <a href=\"https:\/\/www.unicoda.com\/?p=3952\" class=\"more-link\">Continuer la lecture<span class=\"screen-reader-text\"> de &laquo;&nbsp;Restreindre les actions d&rsquo;une cl\u00e9 ssh&nbsp;&raquo;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"aside","meta":{"footnotes":""},"categories":[316,5],"tags":[480,482,481],"class_list":["post-3952","post","type-post","status-publish","format-aside","hentry","category-configuration","category-terminal","tag-authorized_keys","tag-restriction","tag-ssh","post_format-post-format-aside"],"_links":{"self":[{"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/posts\/3952","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3952"}],"version-history":[{"count":5,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/posts\/3952\/revisions"}],"predecessor-version":[{"id":3984,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=\/wp\/v2\/posts\/3952\/revisions\/3984"}],"wp:attachment":[{"href":"https:\/\/www.unicoda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3952"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3952"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.unicoda.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}