Merge pull request #1716 from ttamttam/patch-1

yunohost ne permet plus d’autoriser ssh. Ah ben si !
This commit is contained in:
tituspijean 2021-07-13 23:17:56 +02:00 committed by GitHub
commit af1ac6e85d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 16 additions and 16 deletions

View file

@ -80,13 +80,13 @@ By default, only the `admin` user can log in to YunoHost SSH server.
YunoHost's users created via the administration interface are managed by the LDAP directory. By default, they can't connect via SSH for security reasons. If you want some users to have SSH access enabled, use the command: YunoHost's users created via the administration interface are managed by the LDAP directory. By default, they can't connect via SSH for security reasons. If you want some users to have SSH access enabled, use the command:
```bash ```bash
yunohost user ssh allow <username> yunohost user permission add ssh.main <username>
``` ```
It is also possible to remove SSH access using the following: It is also possible to remove SSH access using the following:
```bash ```bash
yunohost user ssh disallow <username> yunohost user permission remove ssh.main <username>
``` ```
Finally, it is possible to add, delete and list SSH keys, to improve SSH access security, using the commands: Finally, it is possible to add, delete and list SSH keys, to improve SSH access security, using the commands:
@ -104,7 +104,7 @@ N.B. : `fail2ban` will ban your IP for 10 mimutes if you perform 5 failed login
A more extensive discussion about security & SSH can be found on the [dedicated page](/security). A more extensive discussion about security & SSH can be found on the [dedicated page](/security).
## Yunohost command line ## YunoHost command line
!!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it ! !!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it !

View file

@ -78,12 +78,12 @@ Por defecto, sólo el usuario `admin` puede conectarse en SSH en una instancia Y
Los usuarios YunoHost creados vea la interfaz de administración están administrados por la base de datos LDAP. Por defecto, no pueden conectarse en SSH por razones de seguridad. Si necesitas absolutamente que uno de estos usuarios disponga de un acceso SSH, puedes utilizar el comando : Los usuarios YunoHost creados vea la interfaz de administración están administrados por la base de datos LDAP. Por defecto, no pueden conectarse en SSH por razones de seguridad. Si necesitas absolutamente que uno de estos usuarios disponga de un acceso SSH, puedes utilizar el comando :
```bash ```bash
yunohost user ssh allow <username> yunohost user permission add ssh.main <username>
``` ```
Del mismo modo, es posible cancelar el acceso SSH de un usuario con el comando : Del mismo modo, es posible cancelar el acceso SSH de un usuario con el comando :
```bash ```bash
yunohost user ssh disallow <username> yunohost user permission remove ssh.main <username>
``` ```
Finalmente, es posible añadir, suprimir y listar llaves SSH, para mejorar la seguridad del acceso SSH, con estos comandos : Finalmente, es posible añadir, suprimir y listar llaves SSH, para mejorar la seguridad del acceso SSH, con estos comandos :

View file

@ -69,16 +69,16 @@ ssh -p 2244 admin@votre.domaine.tld
## Quels utilisateurs ? ## Quels utilisateurs ?
Par défaut, seulement l'utilisateur `admin` peut se logger en SSH sur une instance YunoHost. Par défaut, seul l'utilisateur `admin` peut se logger en SSH sur une instance YunoHost.
Les utilisateurs YunoHost créés via l'interface d'administration sont gérés par la base de donnée LDAP. Par défaut, ils ne peuvent pas se connecter en SSH pour des raisons de sécurité. Si vous avez absolument besoin qu'un utilisateur dispose d'un accès SSH, vous pouvez utiliser la commande : Les utilisateurs YunoHost créés via l'interface d'administration sont gérés par la base de donnée LDAP. Par défaut, ils ne peuvent pas se connecter en SSH pour des raisons de sécurité. Si vous avez absolument besoin qu'un utilisateur dispose d'un accès SSH, vous pouvez utiliser la commande :
```bash ```bash
yunohost user ssh allow <username> yunohost user permission add ssh.main <username>
``` ```
De même, il est possible de supprimer l'accès SSH à un utilisateur avec la commande : De même, il est possible de supprimer l'accès SSH à un utilisateur avec la commande :
```bash ```bash
yunohost user ssh disallow <username> yunohost user permission remove ssh.main <username>
``` ```
Enfin, il est possible d'ajouter, de supprimer et de lister des clés SSH, pour améliorer la sécurité de l'accès SSH, avec les commandes : Enfin, il est possible d'ajouter, de supprimer et de lister des clés SSH, pour améliorer la sécurité de l'accès SSH, avec les commandes :
@ -94,7 +94,7 @@ N.B. : `fail2ban` bannira votre IP pour 10 minutes si vous échouez plus de 5 fo
Une discussion plus complète de la sécurité et de SSH peut être trouvée sur [la page dédiée](/security). Une discussion plus complète de la sécurité et de SSH peut être trouvée sur [la page dédiée](/security).
## La ligne de commande Yunohost ## La ligne de commande YunoHost
!!! Fournir un tutoriel complet sur la ligne de commande est bien au-delà du cadre de la documentation de YunoHost : pour cela, référez-vous à des tutoriels comme [celui-ci](https://doc.ubuntu-fr.org/tutoriel/console_ligne_de_commande) ou [celui-ci (en)](http://linuxcommand.org/). Mais soyez rassuré qu'il n'y a pas besoin d'être un expert pour commencer à l'utiliser ! !!! Fournir un tutoriel complet sur la ligne de commande est bien au-delà du cadre de la documentation de YunoHost : pour cela, référez-vous à des tutoriels comme [celui-ci](https://doc.ubuntu-fr.org/tutoriel/console_ligne_de_commande) ou [celui-ci (en)](http://linuxcommand.org/). Mais soyez rassuré qu'il n'y a pas besoin d'être un expert pour commencer à l'utiliser !

View file

@ -24,7 +24,7 @@ Se stai installando su un VPS allora il provider dovrebbe averti indicato il tuo
Se stai installando su un computer casalingo (ad esempio un Raspberry Pi o un OLinuXino) devi individuare l'indirizzo IP che è stato attribuito al computer dopo averlo collegato al router. Questi sono alcuni sistemi: Se stai installando su un computer casalingo (ad esempio un Raspberry Pi o un OLinuXino) devi individuare l'indirizzo IP che è stato attribuito al computer dopo averlo collegato al router. Questi sono alcuni sistemi:
- avvia un terminale e dai il comando `sudo arp-scan --local` per elencare gli indirizzi IP sulla rete locale; - avvia un terminale e dai il comando `sudo arp-scan --local` per elencare gli indirizzi IP sulla rete locale;
- usa l'interfaccia del router per vedere la lista dei computer collegati o controllane i log; - usa l'interfaccia del router per vedere la lista dei computer collegati o controllane i log;
- collega un monitor al tuo server yunohost, fai login e digita `hostname --all-ip-address`. - collega un monitor al tuo server YunoHost, fai login e digita `hostname --all-ip-address`.
#### Collegamento #### Collegamento
@ -75,13 +75,13 @@ Di default solo l'utente `admin` può loggarsi al server SSH di YunoHost.
Gli utenti creati dall'interfaccia di amministrazione sono gestiti dalla directory LDAP e di default non possono connettersi via SSH per ragioni di sicurezza. Se invece vuoi abilitare all'accesso SSH alcuni utenti usa il comando: Gli utenti creati dall'interfaccia di amministrazione sono gestiti dalla directory LDAP e di default non possono connettersi via SSH per ragioni di sicurezza. Se invece vuoi abilitare all'accesso SSH alcuni utenti usa il comando:
```bash ```bash
yunohost user ssh allow <username> yunohost user permission add ssh.main <username>
``` ```
È sempre possibile eliminare l'accesso SSH con il comando: È sempre possibile eliminare l'accesso SSH con il comando:
```bash ```bash
yunohost user ssh disallow <username> yunohost user permission remove ssh.main <username>
``` ```
Infine è possibile aggiungere, eliminare ed elencare le chiavi SSH, usate per migliorare la sicurezza degli accessi SSH con i comandi: Infine è possibile aggiungere, eliminare ed elencare le chiavi SSH, usate per migliorare la sicurezza degli accessi SSH con i comandi:
@ -98,7 +98,7 @@ N.B.: `fail2ban` bannerà il tuo IP per 10 minuti nel caso di almeno 5 tentativi
Una discussione più approfondita relativa a sicurezza & SSH è su [questa pagina](/security). Una discussione più approfondita relativa a sicurezza & SSH è su [questa pagina](/security).
## Yunohost command line ## YunoHost command line
!!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it ! !!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it !

View file

@ -77,13 +77,13 @@ By default, only the `admin` user can log in to YunoHost SSH server.
YunoHost's users created via the administration interface are managed by the LDAP directory. By default, they can't connect via SSH for security reasons. If you want some users to have SSH access enabled, use the command: YunoHost's users created via the administration interface are managed by the LDAP directory. By default, they can't connect via SSH for security reasons. If you want some users to have SSH access enabled, use the command:
```bash ```bash
yunohost user ssh allow <username> yunohost user permission add ssh.main <username>
``` ```
It is also possible to remove SSH access using the following: It is also possible to remove SSH access using the following:
```bash ```bash
yunohost user ssh disallow <username> yunohost user permission remove ssh.main <username>
``` ```
Finally, it is possible to add, delete and list SSH keys, to improve SSH access security, using the commands: Finally, it is possible to add, delete and list SSH keys, to improve SSH access security, using the commands:
@ -100,7 +100,7 @@ N.B. : `fail2ban` will ban your IP for 10 minutes if you perform 5 failed login
A more extensive discussion about security & SSH can be found on the [dedicated page](/security). A more extensive discussion about security & SSH can be found on the [dedicated page](/security).
## Yunohost command line ## YunoHost command line
!!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it ! !!! Providing a full tutorial about the command line is quite beyond the scope of the YunoHost documentation : for this, consider reading a dedicated tutorial such as [this one](https://ryanstutorials.net/linuxtutorial/) or [this one](http://linuxcommand.org/). But be reassured that you don't need to be a CLI expert to start using it !