kallithea Changeset - a9e71e61cedf

Changeset - a9e71e61cedf

Parent rev.

Child rev.

[Not reviewed]

stable

0 1 0

Mads Kiilerich - 6 years ago 2020-04-29 15:00:59
mads@kiilerich.com

ssh: mention in docs how to use multiple authorized_keys files

1 file changed with 10 insertions and 0 deletions:

docs/setup.rst

0 comments (0 inline, 0 general)

docs/setup.rst

➞

Show inline comments

@@ @@ -150,12 +150,22 @@ be writeable by the Kallithea user. @@
     ``ssh_authorized_keys`` setting of the ``.ini`` file) does not exist as a
     directory, Kallithea will attempt to create it. If that path exists but is
     *not* a directory, or is not readable-writable-executable by the server
     process, the server process will raise an exception each time it attempts to
     write the ``authorized_keys`` file.
 .. note:: It is possible to configure the SSH server to look for authorized
    keys in multiple files, for example reserving ``ssh/authorized_keys`` to be
    used for normal SSH and with Kallithea using
    ``.ssh/authorized_keys_kallithea``. In ``/etc/ssh/sshd_config`` set
    ``AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys_kallithea``
    and restart sshd, and in ``my.ini`` set ``ssh_authorized_keys =
    /home/kallithea/.ssh/authorized_keys_kallithea``. Note that this new
    location will apply to all system users, and that multiple entries for the
    same SSH key will shadow each other.
 .. warning:: The handling of SSH access is steered directly by the command
     specified in the ``authorized_keys`` file. There is no interaction with the
     web UI.  Once SSH access is correctly configured and enabled, it will work
     regardless of whether the Kallithea web process is actually running. Hence,
     if you want to perform repository or server maintenance and want to fully
     disable all access to the repositories, disable SSH access by setting

0 comments (0 inline, 0 general)