diff options
Diffstat (limited to 'doc/client/agent.txt')
-rw-r--r-- | doc/client/agent.txt | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/doc/client/agent.txt b/doc/client/agent.txt index eec66964f..ef152133e 100644 --- a/doc/client/agent.txt +++ b/doc/client/agent.txt @@ -8,11 +8,11 @@ Agent Functionality using SSH The Bcfg2 agent code provides the ability to trigger a client update from the server using a secure mechanism that is restricted to running -the bcfg2 client with the options the agent was started with. This same +the Bcfg2 client with the options the agent was started with. This same capability is provided by SSH keypairs, if properly configured. Setup is pretty easy: -#. Create an ssh keypair that is to be used solely for triggering bcfg2 +#. Create an ssh keypair that is to be used solely for triggering Bcfg2 client runs. This key may or may not have a password associated with it; a keyphrase will make things more secure, but will require a person to enter the key passphrase, so it will not be usable automatically.:: @@ -29,8 +29,8 @@ is pretty easy: command="/usr/sbin/bcfg2 -q <other options>",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,from="<bcfg2-server ipaddr>" <pub key> - This key is now only useful to call the bcfg2 client, from the - bcfg2-server's ip address. If PermitRootLogin was set to no in + This key is now only useful to call the Bcfg2 client, from the + Bcfg2 server's ip address. If PermitRootLogin was set to no in sshd_config, you will need to set it to forced-commands-only. Adding a & to the end of the command will cause the command to immediately return. @@ -41,7 +41,7 @@ is pretty easy: Note that you will not be able to alter the command line options from the ones specified in authorized_keys in any way. Also, it is not - needed that the invocation of bcfg2 in the ssh command match. The + needed that the invocation of Bcfg2 in the ssh command match. The following will have the same result.:: $ ssh -i /path/to/key root@client /bin/true |