tuer: Add AuthorizedKeys script for tuerctl
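--- a/ansible/tuer.yml
+++ b/ansible/tuer.yml
@@ -78,6 +78,10 @@
 mode: 0755
 file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/update-keys/update-keys"
+/usr/local/bin/authorized_keys.sh:
+mode: 0755
+file: "{{ playbook_dir }}/files/tuer/authorized_keys.sh"
+
 /etc/ssh/sshd_config:
 content: |-
 Port 22000
@@ -91,6 +95,12 @@
 X11Forwarding no
 UsePrivilegeSeparation sandbox
+Match User tuerctl
+AuthorizedKeysFile /dev/null
+AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
+AuthorizedKeysCommandUser tuergit
+
+
 /etc/ssh/authorized_keys.d/root:
 content: |-
 {% for key in noc_ssh_keys %}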
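Review bot: The new `Match User tuerctl` block in the second hunk only changes where keys are looked up and places no limits on the session itself, so unless every key printed by `/usr/local/bin/authorized_keys.sh` carries its own `command=` or `restrict` options (the script is not part of this diff), a tuerctl login gets whatever shell and forwarding the global settings allow. Consider stating the restrictions in the block itself, for example `AllowTcpForwarding no`, `AllowAgentForwarding no` and, if tuerctl is only meant to run one program, a `ForceCommand`. `AuthorizedKeysFile none` is the documented way to switch off file lookup and reads more clearly than `/dev/null`. Because sshd refuses an AuthorizedKeysCommand that is not root-owned or is writable by group or others, and a Match block scopes every directive that follows it, a comment above the block such as `# keep this Match block last; the script must stay root-owned and mode 0755` would help the next editor.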