From 2039e7fb10a2798663885b22fa703637cc24c278 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakobus=20Sch=C3=BCrz?= Date: Wed, 28 Aug 2019 09:17:18 +0200 Subject: [PATCH] Add sshd_config snippet for users not git Added another snippet for sshd_config to use principal-files for users which are NOT git. There you can also use another AuthorizedPrincipalsCommand, if you want instead. --- README.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.rst b/README.rst index 452c085..2541fbe 100644 --- a/README.rst +++ b/README.rst @@ -216,6 +216,12 @@ To use principals and ssh-certificates with this fork of gitosis, please add thi AuthorizedPrincipalsCommandUser git AuthorizedPrincipalsCommand /usr/local/bin/gitosis-authorized-principals %i +And for all users except git, use only principal-files:: + + Match User !git,* + AuthorizedPrincipalsFile /etc/ssh/userprincipals/%u + + This will run the command as user "git", which will you have installed, when you serve your gitrepos with gitosis. %i is the key-identity of your certificate, which will you give on your sign-process to the user-certificate.