opensourcemirror
/
cockpit
mirror of https://github.com/cockpit-project/cockpit.git
1
0
Fork 0
Code Issues Releases Wiki Activity

containers: Fix bastion README.md 

`COCKPIT_SSH_ALLOW_UNKNOWN` has been deprecated by
`COCKPIT_SSH_CONNECT_TO_UNKNOWN_HOSTS` a while ago, use the current
variable.

Use single backticks instead of triple ones.
This commit is contained in:
Martin Pitt 2019-05-03 12:53:37 +02:00 committed by Sanne Raymaekers
parent 642b9fdaa5
commit f583663e29
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
containers/bastion/README.md
View File

@ -1,13 +1,13 @@
Bastion Container
====================
This container provides an example of a container that can be used as a bastion to connect via ssh to remote servers that do not have the cockpit webservice installed or exposed. The target server is expected to at minimum have the ```cockpit-system``` package installed. This container can be run in two modes.
This container provides an example of a container that can be used as a bastion to connect via ssh to remote servers that do not have the cockpit webservice installed or exposed. The target server is expected to at minimum have the `cockpit-system` package installed. This container can be run in two modes.
By default on login cockpit will attempt to establish a ssh connection to the given host using the username and password provided.
You can also mount an encrypted private key inside the container and set the environment variable ```COCKPIT_SSH_KEY_PATH``` to point to it.
You can also mount an encrypted private key inside the container and set the environment variable `COCKPIT_SSH_KEY_PATH` to point to it.
```docker run -e COCKPIT_SSH_KEY_PATH='/var/secret/id_rsa' -v ~/.ssh/id_rsa:/var/secret/id_rsa cockpit/bastion```
`docker run -e COCKPIT_SSH_KEY_PATH='/var/secret/id_rsa' -v ~/.ssh/id_rsa:/var/secret/id_rsa cockpit/bastion`
When setup like this cockpit will use the provided password to attempt to decrypt the key and attempt to establish a ssh connection to the given host using that private key.
@ -15,9 +15,8 @@ When setup like this cockpit will use the provided password to attempt to decryp
Host keys
--------------------
You should mount your known host keys into the container at ```/etc/ssh_known_hosts````
You should mount your known host keys into the container at `/etc/ssh_known_hosts`
You can use the environment variable ```COCKPIT_SSH_KNOWN_HOSTS_FILE``` to specify a different location.
Cockpit will only attempt to communicate with hosts that are present in your known hosts file. If you want to allow the bastion to attempt to access any host set the environment variable ```COCKPIT_SSH_ALLOW_UNKNOWN``` to true.
You can use the environment variable `COCKPIT_SSH_KNOWN_HOSTS_FILE` to specify a different location.
Cockpit will only attempt to communicate with hosts that are present in your known hosts file. If you want to allow the bastion to attempt to access any host set the environment variable `COCKPIT_SSH_CONNECT_TO_UNKNOWN_HOSTS` to true.