Verified Commit ef3e01ce authored by Evangelos Foutras's avatar Evangelos Foutras 🐱
Browse files

Use restrict key option with svn-{packages,community}

No functional change; the "restrict" key option is a shorthand for:

- no-agent-forwarding
- no-port-forwarding
- no-X11-forwarding
- no-pty
- no-user-rc

It was added in OpenSSH 7.2 (2016-02-29) as a convenient way to specify
an authorized key should have "all current and future key restrictions"
applied to it.
parent 1d8d133e
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
{% set keys = lookup('file', '../pubkeys/'+user+'.pub').split("\n") %} {% set keys = lookup('file', '../pubkeys/'+user+'.pub').split("\n") %}
{% for key in keys | sort %} {% for key in keys | sort %}
{% if "command" not in key -%} {% if "command" not in key -%}
command="/usr/bin/svnserve --tunnel-user={{user}} -t",no-port-forwarding,no-agent-forwarding,no-pty {{key}} command="/usr/bin/svnserve --tunnel-user={{user}} -t",restrict {{key}}
{% endif %} {% endif %}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment