infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity

sshca: Set group principals for Server Admins 

Members of the *Server Admins* group need to be able to log in to
machines using their respective privileged accounts for e.g.
provisioning or emergencies.
etcd
Dustin 2024-02-02 21:02:40 -06:00
parent 94300ac502
commit a395d176bc
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sshca/config.toml
View File

@ -12,6 +12,12 @@ private_key_passphrase_file = "/run/sshca/secrets/host/passphrase/host-ca-key.pa
private_key_file = "/run/sshca/secrets/user/key/user-ca-key" private_key_file = "/run/sshca/secrets/user/key/user-ca-key"
private_key_passphrase_file = "/run/sshca/secrets/user/passphrase/user-ca-key.passphrase" private_key_passphrase_file = "/run/sshca/secrets/user/passphrase/user-ca-key.passphrase"
[ca.user.group_principals]
"Server Admins" = [
"core",
"root",
]
[[libvirt]] [[libvirt]]
uri = "qemu+ssh://sshca@vmhost0.pyrocufflink.blue/system?keyfile=/run/sshca/libvirt/sshkey" uri = "qemu+ssh://sshca@vmhost0.pyrocufflink.blue/system?keyfile=/run/sshca/libvirt/sshkey"