From 6e724af9f7d94df4bdb6958cd0313fb6e0e1b55c Mon Sep 17 00:00:00 2001 From: gueux Date: Mon, 21 Apr 2014 12:26:51 +0000 Subject: --- doc/todo/ssh__95__user_+_sudo.mdwn | 1 + 1 file changed, 1 insertion(+) create mode 100644 doc/todo/ssh__95__user_+_sudo.mdwn (limited to 'doc/todo') diff --git a/doc/todo/ssh__95__user_+_sudo.mdwn b/doc/todo/ssh__95__user_+_sudo.mdwn new file mode 100644 index 00000000..2269cecd --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo.mdwn @@ -0,0 +1 @@ +It would be great to be able to ssh to a user different from root, and then to use sudo to run commands. -- cgit v1.3-2-g0d8e From eb7497fd41f0b6d2f97e67f4e0a05fd7bb2b9350 Mon Sep 17 00:00:00 2001 From: "http://joeyh.name/" Date: Mon, 21 Apr 2014 13:31:13 +0000 Subject: Added a comment --- .../comment_1_3bc008e42587a3313f81ee740d7d80f0._comment | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment (limited to 'doc/todo') diff --git a/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment new file mode 100644 index 00000000..e0dc1d7f --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo/comment_1_3bc008e42587a3313f81ee740d7d80f0._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="http://joeyh.name/" + ip="209.250.56.214" + subject="comment 1" + date="2014-04-21T13:31:13Z" + content=""" +Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account. + +PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor. +"""]] -- cgit v1.3-2-g0d8e From 162db41458bf1a41942a93de902c377ca204f6cd Mon Sep 17 00:00:00 2001 From: gueux Date: Mon, 21 Apr 2014 13:49:08 +0000 Subject: Added a comment: CMD --- .../comment_1_3801d48190c029a8591ab188427b31b6._comment | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment (limited to 'doc/todo') diff --git a/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment new file mode 100644 index 00000000..ff217423 --- /dev/null +++ b/doc/todo/docker_todo_list/comment_1_3801d48190c029a8591ab188427b31b6._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="gueux" + ip="109.190.19.251" + subject="CMD" + date="2014-04-21T13:49:08Z" + content=""" +It would be great to be able to set the CMD of a docker container. + +http://docs.docker.io/reference/builder/#cmd +"""]] -- cgit v1.3-2-g0d8e From 12f65d67d5cda1a760ee4571782e16cd75b5f992 Mon Sep 17 00:00:00 2001 From: gueux Date: Mon, 21 Apr 2014 13:54:39 +0000 Subject: Added a comment --- .../comment_2_35722c7d6f6c3e2315fbf72878066c01._comment | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment (limited to 'doc/todo') diff --git a/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment new file mode 100644 index 00000000..8dc6299b --- /dev/null +++ b/doc/todo/ssh__95__user_+_sudo/comment_2_35722c7d6f6c3e2315fbf72878066c01._comment @@ -0,0 +1,8 @@ +[[!comment format=mdwn + username="gueux" + ip="109.190.19.251" + subject="comment 2" + date="2014-04-21T13:54:39Z" + content=""" +I didn't knew \"PermitRootLogin=forced-commands-only\", it seems great! +"""]] -- cgit v1.3-2-g0d8e