Hinson's blog

π•°π–π–ˆπ–Šπ–‘π–‘π–Šπ–“π–ˆπ–Š π–Žπ–“ π–ˆπ–‘π–”π–šπ–‰ π–†π–—π–ˆπ–π–Žπ–™π–Šπ–ˆπ–™π–šπ–—π–Š 𝖆𝖓𝖉 π–˜π–Šπ–ˆπ–šπ–—π–Žπ–™π–ž π–‰π–”π–’π–†π–Žπ–“π–˜ π–Žπ–˜ π–™π–π–Š π–Šπ–™π–Šπ–—π–“π–†π–‘ π–•π–šπ–—π–˜π–šπ–Žπ–™ 𝖔𝖋 π–’π–ž π–•π–—π–”π–‹π–Šπ–˜π–˜π–Žπ–”π–“π–†π–‘ π–Œπ–—π–”π–œπ–™π–

Takeaways from Configuring Authorized Keys for OpenSSH documentation


Reference page: https://www.ssh.com/academy/ssh/authorized-keys-openssh


OpenSSH daemon config file location: /etc/ssh/sshd_config. A customized authorized_keys path can be set inside the config file.


1. In the authorized_keys file for SSH, you can use /bin/false to ensure that a specific key cannot be used for an interactive login session. This can be combined with other options for more granular control.


2. environment="NAME=value" command="cmd": The command option forces a command to be executed when this key is used for authentication. This is also called command restriction or forced command. The effect is to limit the privileges given to the key, and specifying this option is often important for implementing the principle of least privilege. Without this option, the key grants unlimited access as that user, including obtaining shell access.


3. from="pattern-list": whitelist of sources from which the key may be used


4. no-pty: Prevents allocation of a pseudo-tty for connections using the key.
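
An added example (not from the original post or the ssh.com page): a small auditor that parses the options field of each authorized_keys entry, including quoted values that contain commas or spaces, and reports which of the `command`, `from` and `no-pty` restrictions listed above are missing. The sample entries, placeholder key blobs and function names are constructed for illustration.

```python
import re

# Constructed sample; key blobs are placeholders, not real keys.
SAMPLE = '''\
# backup and CI accounts
ssh-ed25519 AAAAC3PLACEHOLDER admin@laptop
command="/usr/local/bin/backup.sh --daily",from="10.0.0.5,*.example.com",no-pty ssh-ed25519 AAAAC3PLACEHOLDER backup
environment="ROLE=ci",command="/bin/false" ssh-rsa AAAAB3PLACEHOLDER ci@build
'''

KEY_TYPE = re.compile(r"^(ssh-|ecdsa-sha2-|sk-)\S+$")  # first field when no options
REQUIRED = ("command", "from", "no-pty")               # options from the list above

def split_unquoted(text, seps, limit=None):
    """Split text on any char in seps that sits outside double quotes."""
    parts, buf, quoted, prev = [], [], False, ""
    for i, ch in enumerate(text):
        if ch == '"' and prev != "\\":      # \" inside a value does not close it
            quoted = not quoted
        if ch in seps and not quoted:
            parts.append("".join(buf))
            buf = []
            if limit is not None and len(parts) == limit:
                return parts + [text[i + 1:]]
        else:
            buf.append(ch)
        prev = ch
    return parts + ["".join(buf)]

def parse_options(line):
    """Return {option: value or True} for one authorized_keys entry."""
    field = split_unquoted(line.strip(), " \t", limit=1)[0]
    if KEY_TYPE.match(field):               # entry starts with the key type
        return {}
    opts = {}
    for item in split_unquoted(field, ","):
        name, _, value = item.partition("=")
        opts[name.lower()] = value.strip('"') if value else True
    return opts

def audit(text):
    """Map line number -> list of restrictions that entry lacks."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        missing = [o for o in REQUIRED if o not in parse_options(line)]
        if missing:
            report[n] = missing
    return report

if __name__ == "__main__":
    for n, missing in audit(SAMPLE).items():
        print(f"line {n}: missing {', '.join(missing)}")
```
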
