aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonathan DeMasi <jon.demasi@colorado.edu>2019-06-05 11:22:56 -0600
committerJonathan DeMasi <jon.demasi@colorado.edu>2019-06-05 11:22:56 -0600
commitc7abe8bbff24089aafe409268047ca90679fc66b (patch)
tree80994dbde7cb43a9e2892d734db5f2dd237efb9d
parent6405fb9402a7b2b4401b43830efd36c76d3256d6 (diff)
downloadgh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.gz
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.bz2
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.lz
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.xz
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.zst
gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.zip
added build and install instructions
-rw-r--r--README.md8
1 files changed, 8 insertions, 0 deletions
diff --git a/README.md b/README.md
index 0cf989f..4c7fbcf 100644
--- a/README.md
+++ b/README.md
@@ -3,3 +3,11 @@ This is an sshd helper intended to be used in conjunction with the `AuthorizedKe
## Building
Simply clone the repository and use `go build -o gh_authkey_checker main.go` to build a binary. This repository is also mirrored on [GitHub](https://github.com/jrdemasi/gh_authkey_checker), because, afterall, it's Go. If you trust me, the most up-to-date copy of the tool can also be found [here](https://jrdemasi.com/files/binaries/gh_authkey_checker "gh_authkey_checker binary download")
+
+## Installation
+Per FHS, this most likely belongs in `/opt`, but I'm sticking it in `/usr/local/sbin` to minimize configuration (again, on testing and short deployment cloud instances). Simply copy the binary you built or downloaded in `/usr/local/sbin`, then `chmod root:root /usr/local/sbin/gh_authkey_checker`. Lastly, make sure that only root can execute, `chmod 700 /usr/local/sbin/gh_authkey_checker`.
+
+## Configuration
+This utility is only tested on Arch and CentOS 7 at this point. Uncomment/add/modify the following lines in `/etc/ssh/sshd_config`:
+ AuthorizedKeysCommand /usr/local/sbin/gh_authkey_checker
+ AuthorizedKeysCommandUser root