mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2024-09-22 18:42:55 +02:00
Code Issues

Use restrict key option with svn-{packages,community}

Browse Source 
No functional change; the "restrict" key option is a shorthand for:

- no-agent-forwarding
- no-port-forwarding
- no-X11-forwarding
- no-pty
- no-user-rc

It was added in OpenSSH 7.2 (2016-02-29) as a convenient way to specify
an authorized key should have "all current and future key restrictions"
applied to it.
This commit is contained in:
Evangelos Foutras 2021-07-09 02:04:08 +03:00
parent 1d8d133e8b
commit ef3e01ce61
No known key found for this signature in database
GPG Key ID: 51E8B148A9999C34
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
roles/dbscripts/templates/authorized_keys-group.j2
View File

@ -5,7 +5,7 @@
{% set keys = lookup('file', '../pubkeys/'+user+'.pub').split("\n") %}
{% for key in keys | sort %}
{% if "command" not in key -%}
command="/usr/bin/svnserve --tunnel-user={{user}} -t",no-port-forwarding,no-agent-forwarding,no-pty {{key}}
command="/usr/bin/svnserve --tunnel-user={{user}} -t",restrict {{key}}
{% endif %}
{% endfor %}
{% endif %}