diff options
author | Jonathan DeMasi <jon.demasi@colorado.edu> | 2019-06-05 11:22:56 -0600 |
---|---|---|
committer | Jonathan DeMasi <jon.demasi@colorado.edu> | 2019-06-05 11:22:56 -0600 |
commit | c7abe8bbff24089aafe409268047ca90679fc66b (patch) | |
tree | 80994dbde7cb43a9e2892d734db5f2dd237efb9d | |
parent | 6405fb9402a7b2b4401b43830efd36c76d3256d6 (diff) | |
download | gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.gz gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.bz2 gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.lz gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.xz gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.tar.zst gh_authkey_checker-c7abe8bbff24089aafe409268047ca90679fc66b.zip |
added build and install instructions
-rw-r--r-- | README.md | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -3,3 +3,11 @@ This is an sshd helper intended to be used in conjunction with the `AuthorizedKe ## Building Simply clone the repository and use `go build -o gh_authkey_checker main.go` to build a binary. This repository is also mirrored on [GitHub](https://github.com/jrdemasi/gh_authkey_checker), because, afterall, it's Go. If you trust me, the most up-to-date copy of the tool can also be found [here](https://jrdemasi.com/files/binaries/gh_authkey_checker "gh_authkey_checker binary download") + +## Installation +Per FHS, this most likely belongs in `/opt`, but I'm sticking it in `/usr/local/sbin` to minimize configuration (again, on testing and short deployment cloud instances). Simply copy the binary you built or downloaded in `/usr/local/sbin`, then `chmod root:root /usr/local/sbin/gh_authkey_checker`. Lastly, make sure that only root can execute, `chmod 700 /usr/local/sbin/gh_authkey_checker`. + +## Configuration +This utility is only tested on Arch and CentOS 7 at this point. Uncomment/add/modify the following lines in `/etc/ssh/sshd_config`: + AuthorizedKeysCommand /usr/local/sbin/gh_authkey_checker + AuthorizedKeysCommandUser root |