diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-04-29 18:59:11 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-04-29 18:59:11 +0300 |
commit | 8aeb0f0d40f421befb0b009e51b0c05937239c6c (patch) | |
tree | c597f8a109b1a921c0f953dbc7aee7704ba8023e /vmadm.md | |
parent | 99b4c180e7932cfe180323ba35956b1184212f51 (diff) | |
download | vmadm-8aeb0f0d40f421befb0b009e51b0c05937239c6c.tar.gz |
feat: optionally turn off authorized keys support in SSH server
If the specification has "allow_authorized_keys: false" (possibly
from new config setting "default_allow_authorized_keys"), the SSH
server configuration will tell the server to not consult a user's
authorized keys file at all.
Sponsored-by: author
Diffstat (limited to 'vmadm.md')
-rw-r--r-- | vmadm.md | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -88,6 +88,7 @@ authorized_keys: "default_networks": [ "network=default" ], + "default_allow_authorized_keys": null, "ca_key": "~/ca_key", "user_ca_pubkey": "~/user_ca_pubkey", "authorized_keys": [ @@ -125,7 +126,8 @@ foo: "generate_host_certificate": true, "autostart": true, "ca_key": "~/other_ca", - "user_ca_pubkey": "~/user_ca_pubkey" + "user_ca_pubkey": "~/user_ca_pubkey", + "allow_authorized_keys": true } ] ~~~ @@ -217,6 +219,7 @@ ssh_keys: ed25519_certificate: ed25519-certificate user_ca_pubkey: > ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChZ6mVuGLBpW7SarFU/Tu6TemquNxatbMUZuTk8RqVtbkvTKeWFZ5h5tntWPHgST8ykYFaIrr8eYuKQkKdBxHW7H8kejTNwRu/rDbRYX5wxTn4jw4RVopGTpxMlGrWeu5CkWPoLAhQtIzzUAnrDGp9sqG6P1G4ohI61wZMFQta9R2uNxXnnes+e2r4Y78GxmlQH/o0ouI8fBnsxRK0IoSfFs2LutO6wjyzR59FdC9TT7wufd5kXMRzxsmPGeXzNcaqvHGxBvRucGFclCkqSRwk3GNEpXZQhlCIoTIoRu0IPAp/430tlx9zJMhhwDlZsOOXRrFYpdWVMSTAAKECLSYx liw@exolobe1 +allow_authorized_keys: true ~~~ # Create a virtual machine |