11 lines
612 B
Plaintext
11 lines
612 B
Plaintext
[[!comment format=mdwn
|
|
username="http://joeyh.name/"
|
|
ip="209.250.56.214"
|
|
subject="comment 1"
|
|
date="2014-04-21T13:31:13Z"
|
|
content="""
|
|
Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account.
|
|
|
|
PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor.
|
|
"""]]
|