X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fportforwarder%2Ftemplates%2Fauthorized_keys.erb;h=755f344b3b97d5af3a88688688f45812624163e3;hb=a1b5a1c81f41292d5a21f4e8762aa0ae9d360679;hp=063312a2f6008e5131fb8a05cce91dd14c0d04f2;hpb=cf5ca6f6942ed9b46e05a0cdc8f43a54e5190044;p=mirror%2Fdsa-puppet.git

diff --git a/modules/portforwarder/templates/authorized_keys.erb b/modules/portforwarder/templates/authorized_keys.erb
index 063312a2f..755f344b3 100644
--- a/modules/portforwarder/templates/authorized_keys.erb
+++ b/modules/portforwarder/templates/authorized_keys.erb
@@ -30,7 +30,7 @@ config.each_pair do |sourcehost, services|
 	##lines << "# sourcehost is #{sourcehost}"
 	services.each do |service|
 		##lines << "# targethost is #{service['target_host']}, my hostname #{hostname}, fqdn is #{fqdn}"
-		next if service['target_host'] != fqdn
+		next if service['target_host'] != @fqdn
 		allowed_ports << service['target_port'] if service['target_port']
 	end
 
@@ -44,7 +44,7 @@ config.each_pair do |sourcehost, services|
 			lines << "# insufficient config values"
 		else
 			command = "/usr/bin/portforwarder-ssh-wrap #{sourcehost} #{local_bind} #{allowed_ports.join(' ')}"
-			lines << "from=\"#{remote_ip}\",command=\"#{command}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding #{sshkey}"
+			lines << "from=\"#{remote_ip}\",command=\"#{command}\",restrict #{sshkey}"
 		end
 	end
 end