On Thu, Jul 2, 2009 at 12:21 PM, Allan Marcus<al...@lanl.gov> wrote: > Would I need to write a bunch of fugly stuff in my sshd_config to > limit what the puppet user can do via the ssh command? any examples?
You put the client's key in /root/.ssh/authorized_keys. All you need to do is prepend this to it: command="/usr/sbin/puppetca",no-pty,no-port-forwarding Check the documentation for your version of sshd to be sure. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---