To restrict access to a server by allowing an authorized user to only run a specific command add an authorized_keys file entry that looks like (this is all in one line one line)
from=”202.41.95.13″,command=”rsync -aCz –server –sender $SRCDIR .”,
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
ssh-dss
AAAAB3NzaC1kc3M
Here you must put the appropriate source directory in $SRCDIR.
The authorized key file can be put in a dummy users directory. This dummy user should have appropriate read/write permissions for the directory in question.
As an alternative you can use a configuration file “–config=$FILE” in place of $SRCDIR.
Once this is done, the owner of the SSH private key associated with the public-key (which is the bit that starts ssh-dss AAA….) can connect to the ssh server and start the above command and *only* the above command.
– Suramya
PS: Thanks to Kapil from the Linux Gazette Answer Gang for the above tip.