From: Julien Cristau <jcristau@debian.org>
Date: Tue, 3 Oct 2017 07:07:07 +0000 (+0200)
Subject: Use restrict authorized_keys option for geodns
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=c51523cd53cebc61bcec7746fd0edef44669b7e8;hp=43c77a822ffcfd99efcc83aea955f57bcb9fd6ff;p=mirror%2Fdsa-puppet.git

Use restrict authorized_keys option for geodns

no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user
is a mouthful, and geo[123] are all on stretch.
---

diff --git a/modules/named/files/common/authorized_keys b/modules/named/files/common/authorized_keys
index 936f3aca2..bb3517f45 100644
--- a/modules/named/files/common/authorized_keys
+++ b/modules/named/files/common/authorized_keys
@@ -2,4 +2,4 @@
 # THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
 # USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 #
-from="82.195.75.91,2001:41b8:202:deb:1b1b::91",command="/etc/bind/geodns/trigger",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtZqwdRGRGycqd+EqSzMfXHZa8caLx2yjkQs3hXOWDcAkfbFhsjgnVanx90i8/FIIIVKWPHXvRpS8dsKfBn4MbVq6AYYcx/sYS9uMMjLWFMC0TqrOp4IgHMH3qXlgsq/eOnqvQXDU3DO3p2TVS/a4F7vh8/nPQtDM1JVnMgZL4rx0aXYVcFIdxv9Sy76K4MBENOnXJ73qmRaVu6fIUfk9MAdzIcMx3iOYiO78vytc4xezq743iIOee0vpY1VnF2CDxrWoVyDGDH7qNk8xeFzAGm91xrcSkVEmMVbD9vMLOOPsEZNMJlimEDetEiNwJoS0HzHq6jccksb1wjs2tOr8X dnsadm@denis (20131230)
+from="82.195.75.91,2001:41b8:202:deb:1b1b::91",command="/etc/bind/geodns/trigger",restrict ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtZqwdRGRGycqd+EqSzMfXHZa8caLx2yjkQs3hXOWDcAkfbFhsjgnVanx90i8/FIIIVKWPHXvRpS8dsKfBn4MbVq6AYYcx/sYS9uMMjLWFMC0TqrOp4IgHMH3qXlgsq/eOnqvQXDU3DO3p2TVS/a4F7vh8/nPQtDM1JVnMgZL4rx0aXYVcFIdxv9Sy76K4MBENOnXJ73qmRaVu6fIUfk9MAdzIcMx3iOYiO78vytc4xezq743iIOee0vpY1VnF2CDxrWoVyDGDH7qNk8xeFzAGm91xrcSkVEmMVbD9vMLOOPsEZNMJlimEDetEiNwJoS0HzHq6jccksb1wjs2tOr8X dnsadm@denis (20131230)