commit ab571639c78e5be016b7494a3d8f3dffec2038ab
parent 55449b6f0a93b51dc5d79956b97ccbc0c7919be5
Author: pyratebeard <root@pyratebeard.net>
Date: Fri, 19 Apr 2024 10:26:03 +0100
updates
Diffstat:
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/iac/awx.md b/iac/awx.md
@@ -13,8 +13,10 @@ cd awx-operator && \
```
make deploy
```
+* wait for 2 running
* this skips the need to have your own `kustomization.yaml` but it seems we need it later any way
```
+---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
diff --git a/networking/ssh.md b/networking/ssh.md
@@ -48,6 +48,15 @@ a mitm attack) run the following to remove from 'known_hosts'
ssh-keygen -f $HOME/.ssh/known_hosts -R <hostname>
```
+## sshd_config
+* allow one user and all users in group
+* if only use `AllowGroup` it overrides the `AllowUsers`
+```
+AllowUsers <username>
+Match group users
+ AllowUsers *
+```
+
## ref
[ssh][] guide
@@ -55,9 +64,6 @@ ssh-keygen -f $HOME/.ssh/known_hosts -R <hostname>
[socks proxy]: https://ma.ttias.be/socks-proxy-linux-ssh-bypass-content-filters/
[ssh]: http://lackof.org/taggart/hacking/ssh/
-
-
-
* must have dns resolv on greyskull (and nublar for lxc)
* must have short name in ssh/config on nublar for lxc
* must have cert-auth known host on nublar for lxc
