X-Git-Url: https://git.realraum.at/?a=blobdiff_plain;f=ansible%2Ftuer.yml;fp=ansible%2Ftuer.yml;h=0d90890538a9adf23e7a0a5a974fe481e4cb2661;hb=a7b16357c0999e0a863ee80abde6af5f34f3a16d;hp=e061759f8cf78d61f18ea346e3f50cd5c5fb04a3;hpb=462d5291a691cd8bd800a79b5feddcfae8ffa2e2;p=noc.git

diff --git a/ansible/tuer.yml b/ansible/tuer.yml
index e061759..0d90890 100644
--- a/ansible/tuer.yml
+++ b/ansible/tuer.yml
@@ -78,6 +78,10 @@
             mode: 0755
             file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/update-keys/update-keys"
 
+          /usr/local/bin/authorized_keys.sh:
+            mode: 0755
+            file: "{{ playbook_dir }}/files/tuer/authorized_keys.sh"
+
           /etc/ssh/sshd_config:
             content: |-
               Port 22000
@@ -91,6 +95,12 @@
               X11Forwarding no
               UsePrivilegeSeparation sandbox
 
+              Match User tuerctl
+                AuthorizedKeysFile /dev/null
+                AuthorizedKeysCommand /usr/local/bin/authorized_keys.sh
+                AuthorizedKeysCommandUser tuergit
+
+
           /etc/ssh/authorized_keys.d/root:
             content: |-
               {% for key in noc_ssh_keys %}