How can I create a Single-purpose keys (ssh) for use with scp?

unix scp remote-access

Solution 1:

When you talk about command="" I assume you refer to the entry you can put in a ~/.ssh/authorized_keys, limiting what command a public ssh key can be used to execute?

When transferring a file across ssh using scp you spawn the following process on the remote side: "scp -t /destination/directory". Hence, if you want an entry only allowing you to scp files into the /tmp directory you will use the following

command="scp -t /tmp"

To my knowledge there is no command="" entry restring a key only to use scp, but at the same time allowing transfers into any destination directory. A completely different solution, which might very well not be what you are after, is using a restrictive shell like scponly.

Related

Audit CPU and memory usage for cron jobs
Restore DB2 database
Are "unexportable" certificates a real security measure or just security theater?
Move VMware Server 2.0 Image to ESXi
Running gdb on Ubuntu 9.10 Apache2 Install
Bash Scripting: Parse File Contents Into Array
Linux or OS X Server?
wildcard ssl certificate - exchange 2010 - POP/IMAP problem
Syslog-ng: how to log severity/facility?
Can I get AD to authenticate via another LDAP server?
recommend firewall options for a dedicated server
Why am I getting an overflowerror in Python?