Review for new rbac_playbook
Michael Scherer
misc at zarb.org
Mon Jun 9 15:37:06 UTC 2014
Le lundi 09 juin 2014 à 08:44 -0600, Tim Flink a écrit :
> The QA devel folks use phabricator and phabricator supports git repo
> hosting (through http(s) and ssh). In order to support git over ssh
> while keeping user information in phabricator (username, ssh key for
> git, repo permissions etc.), it uses a short-circuited ssh daemon that
> uses phabricator for auth instead of system accounts (restricted to git
> commands, though). Git repos on alternate ports is a bit of a pain, so
> to support git+ssh on port 22 I change the real ssh daemon (that can do
> more than git) to an alternate port.
What about having the real sshd listening on one ip ( if possible, a
rfc1918 one in the VPN ) and git from phabricator on a second ?
--
Michael Scherer
More information about the infrastructure
mailing list