projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
b3c1a6e
)
Use "restrict" key option for storace's da-backup keys
author
Julien Cristau
<jcristau@debian.org>
Mon, 5 Feb 2018 16:27:10 +0000
(17:27 +0100)
committer
Julien Cristau
<jcristau@debian.org>
Mon, 5 Feb 2018 16:27:10 +0000
(17:27 +0100)
modules/ssh/templates/authorized_keys.erb
patch
|
blob
|
history
diff --git
a/modules/ssh/templates/authorized_keys.erb
b/modules/ssh/templates/authorized_keys.erb
index
7692441
..
3b774b6
100644
(file)
--- a/
modules/ssh/templates/authorized_keys.erb
+++ b/
modules/ssh/templates/authorized_keys.erb
@@
-52,7
+52,7
@@
case @fqdn
hostname = allnodeinfo[node]['hostname'][0]
machine_keys << "# #{hostname}"
hostname = allnodeinfo[node]['hostname'][0]
machine_keys << "# #{hostname}"
- machine_keys << "command=\"/usr/lib/da-backup/da-backup-ssh-wrap #{hostname}\",from=\"#{allnodeinfo[node]['ipHostNumber'].join(',')}\",
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc
#{allnodeinfo[node]['sshRSAHostKey'][0]}"
+ machine_keys << "command=\"/usr/lib/da-backup/da-backup-ssh-wrap #{hostname}\",from=\"#{allnodeinfo[node]['ipHostNumber'].join(',')}\",
restrict
#{allnodeinfo[node]['sshRSAHostKey'][0]}"
else
machine_keys << "# host #{node} not found in allnodeinfo"
end
else
machine_keys << "# host #{node} not found in allnodeinfo"
end