NAME¶

mini-buildd-ssh-client-command - Script to use as a 'command' in an authorized_key file to allow mini-buildd-api runs only via SSH.

DESCRIPTION¶

usage: mini-buildd-ssh-client-command [-h] [--version]

Script to use as a 'command' in an authorized_key file to allow mini-buildd-api runs only via SSH.

-h, --help: show this help message and exit
--version: show program's version number and exit
-l {CRITICAL,ERROR,WARNING,INFO,DEBUG}, --log-level {CRITICAL,ERROR,WARNING,INFO,DEBUG}: set log level (default: INFO)
-v, --verbose: DEPRECATED (use --log-level): increase log level. Give twice for max logs (default: 0)
-q, --quiet: DEPRECATED (use --log-level): decrease log level. Give twice for min logs (default: 0)

You may use this to authorize certain roles (for now: superuser and staff) via plain secure SSH.

Steps to install:

As user 'root'::

: adduser --disabled-password mini-buildd-admin adduser --disabled-password mini-buildd-staff # OPTIONAL: Allows 'auth log' with the fingerprint adduser mini-buildd-admin adm adduser mini-buildd-staff adm

As mini-buildd-[staff|uploader]::

: Set up ~/.dput.cf with exactly one mini-buildd target. Configure python-keyring to use a plaintext keyring, see "/usr/share/doc/mini-buildd/examples/keyringrc.cfg" Run once to save the password:
: $ mini-buildd-api admin|staff@TARGET status

As admin user at the mini-buildd instance (web app)::

To authorize a SSH Key, as user mini-buildd-uploader, add a line like this::

per ssh user key.

As SSH user::

: Run 'ssh mini-buildd-[admin|staff]@your.host.name mini-buildd-api -x -z -y

November 2022

mini-buildd-ssh-client-command 1.9.111

Source file:	mini-buildd-ssh-client-command.8.en.gz (from mini-buildd 1.9.111)
Source last updated:	2022-11-06T19:48:13Z
Converted to HTML:	2022-11-07T03:48:37Z