Don't use SSH agent
This commit is contained in:
Alexandre Iooss
parent
cd189b397b
commit
c27fd74075
2 changed files with 8 additions and 4 deletions
10
README.md
10
README.md
|
|
@ -33,6 +33,9 @@ Il faut changer la variable d'environnement suivante :
|
|||
|
||||
### Configurer la connexion au bastion
|
||||
|
||||
Envoyer son agent SSH peut être dangereux ([source](https://heipei.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/)).
|
||||
|
||||
On va utiliser plutôt ProxyCommand.
|
||||
Dans la configuration SSH :
|
||||
|
||||
```
|
||||
|
|
@ -41,7 +44,10 @@ Host proxy.auro.re
|
|||
ControlMaster auto
|
||||
ControlPath ~/.ssh/%r@%h:%p
|
||||
|
||||
Host *.auro.re 10.128.0.*
|
||||
# Use a key to log on all Aurore servers
|
||||
# and use a bastion
|
||||
Host 10.128.0.*
|
||||
IdentityFile ~/.ssh/id_rsa_aurore
|
||||
ForwardAgent yes
|
||||
ProxyCommand ssh -q -W %h:%p proxy.auro.re
|
||||
```
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue