
NNCP

30 points by nmstoker, about 2 months ago

1 comment

mdaniel, about 2 months ago

> So what does nncp-exec do? It reads stdin and encrypts it to node bob. It adds metadata, saying it’s requesting the “tarextract” command, and adding two arguments to it (the -C /var/local/backups). It writes this all into a packet file in the transmission queue for bob.

> When bob processes the packet, it spins up /usr/bin/tar -xpf - -C /var/local/backups, piping to it the data that had originally been piped to nncp-exec.

I was with them until seeing that nncp-exec accepts user provided arguments[2], and that just smells like an escape waiting to happen. Since they drew parallels between that and the command= in authorized_keys[2] I looked it up and it doesn't appear that either command= or its ForceCommand sibling accepts user provided arguments

I presume its target audience is where both ends of the connection are "you" (or at least fully trusted)

1: https://www.complete.org/nncp-concepts/#remote-execution

2: https://manpages.ubuntu.com/manpages/noble/man8/sshd.8.html#:~:text=specifies%20that%20the%20command%20is%20executed%20whenever%20this%20key%20is%20used%20for%20authentication
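The concern raised in the comment above is that arguments chosen by the sender end up on the receiver's command line. As an added example (not code from NNCP, the linked article, or the commenter), this is one way a receiving node could gate those arguments. It assumes the tarextract handle is pointed at this hypothetical wrapper script instead of at tar directly, and that /var/local/backups is the only permitted extraction tree.

```python
#!/usr/bin/env python3
"""Added example: argument gate for an exec handle such as "tarextract"."""
import os
import sys

TAR = "/usr/bin/tar"                  # fixed command from the quoted example
ALLOWED_BASE = "/var/local/backups"   # assumed policy: extract only under this tree


def build_argv(sender_args, base=ALLOWED_BASE):
    """Return the exact argv to run, or raise ValueError on any policy violation."""
    # Accept exactly one shape: -C <absolute directory>. Nothing else passes.
    if len(sender_args) != 2 or sender_args[0] != "-C":
        raise ValueError("expected exactly: -C <dir>")
    target = sender_args[1]
    if not os.path.isabs(target):
        raise ValueError("directory must be absolute")
    # Resolve symlinks and ".." before comparing, so the check is on the real path.
    resolved = os.path.realpath(target)
    root = os.path.realpath(base)
    if os.path.commonpath([resolved, root]) != root:
        raise ValueError("directory is outside " + base)
    # Rebuild argv from constants plus the validated value; never forward raw input.
    return [TAR, "-xpf", "-", "-C", resolved]


def is_allowed(sender_args):
    """Boolean form of build_argv, convenient for logging or tests."""
    try:
        build_argv(sender_args)
        return True
    except ValueError:
        return False


def main(argv):
    try:
        cmd = build_argv(argv[1:])
    except ValueError as err:
        print("tarextract: rejected arguments: %s" % err, file=sys.stderr)
        return 64  # EX_USAGE; the packet's command is not run
    os.execv(cmd[0], cmd)  # direct exec, no shell; stdin (the archive) is inherited


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

This gate covers only the appended arguments; it does not inspect the archive that arrives on stdin.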