usage: mini-buildd-ssh-client-command [-h] [--version] [-v] [-q]
Script to use as a 'command' in an authorized_key file to allow mini-buildd-api runs only via SSH.
options:-h, --help
show this help message and exit
--version
show program's version number and exit
-v, --verbose
increase log level. Give twice for max logs (default: 0)
-q, --quiet
decrease log level. Give twice for min logs (default: 0)
You may use this to authorize certain roles (for now: superuser and staff) via plain secure SSH.
Steps to install:
As user 'root'::
adduser --disabled-password mini-buildd-admin adduser --disabled-password mini-buildd-staff #
OPTIONAL: Allows 'auth log' with the fingerprint adduser mini-buildd-admin adm adduser
mini-buildd-staff adm
As mini-buildd-[staff|uploader]::
Set up ~/.dput.cf with exactly one mini-buildd target. Configure python-keyring to use a
plaintext keyring, see "/usr/share/doc/mini-buildd/examples/keyringrc.cfg" Run once to save the
password:
$ mini-buildd-api admin|staff@TARGET status
As admin user at the mini-buildd instance (web app)::
Generate appropriate django pseudo users ("admin" does already exist).
To authorize a SSH Key, as user mini-buildd-uploader, add a line like this::
command="/usr/sbin/mini-buildd-ssh-client-command" ssh-rsa AA...
per ssh user key.
As SSH user::
Run 'ssh mini-buildd-[admin|staff]@your.host.name mini-buildd-api -x-z-y
mini-buildd-ssh-client-command 1.9.99 March 2022 MINI-BUILDD-SSH-CLIENT-COMMAND(8)
Install Now
PNG Icons
Emojis
