Last active
December 27, 2015 02:59
-
-
Save samrocketman/7255904 to your computer and use it in GitHub Desktop.
/etc/ssh/sshd_config append to disable password auth for SSH on the git user only.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Match User git | |
PasswordAuthentication no |
I like the above idea:
Banner "/home/git/ssh-banner.txt"
But it shows the banner every time you git push
or git pull
- not only when the user hasn't got an SSH key setup.
@findel unfortunately that's a limitation in SSHD... for now I don't know of a good work around to that. I decided it was better to show it every time in my setup so that users at least get a hint of where they need to go without asking anybody. But I agree it's not ideal. For details see Banner
in sshd_config(5)
man page.
@findel perhaps it would be better to state something like this in the banner...
GitLab SSH Key Access: If you get permission denied then make sure you added your SSH key to your gitlab user.
See [insert your help doc here]
I just realized a better solution would be to use pam_auth to give a message on password only. Perhaps there's a way to do it on password failure only.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I added the following...
Where the contents of ssh-banner.txt is...