mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-15 19:17:02 +02:00
Code Issues Projects Releases Wiki Activity
6,740 Commits 2,844 Branches 445 Tags 454 MiB
d3a2844a75
Commit Graph

54 Commits

Author SHA1 Message Date
Seth Vargo
be57fd0594 Thread stderr through too (#3211) 
* Thread stderr through too

* Small docs typo
 2017-08-21 17:23:29 -04:00
Seth Vargo
9eacae526e Addd more SSH CA troubleshooting (#3201) 
* Add notes about pty and other permit-* extensions

* Update troubleshooting

* Add an example of JSON for sign

* Fix a bug about what keys to push up
 2017-08-21 17:22:54 -04:00
Seth Vargo
1a907c81d4
Typo fix 2017-08-16 18:38:35 -04:00
Seth Vargo
1a7a39d4fd
Refactor SSH CA backend docs 2017-08-16 18:38:35 -04:00
Seth Vargo
8581a7879c Break SSH types into their own pages (#3157) 
@jefferai and I discussed this on Friday. With three fully-documented
SSH backends, the page is lengthy, ungreppable, and intimidating. This
commit separates the SSH backends into their own pages with as little
text changes as possible.
 2017-08-14 10:49:41 -04:00
Brian Shumate
03b95432eb DOCS: fix typo (#2965) 2017-07-03 12:40:31 -04:00
Jeff Mitchell
bdc3002d56 Update SSH docs to indicate deprecation of dynamic key type 2017-04-17 11:11:05 -04:00
Jeff Mitchell
8e2b8ff1df Add some extra documentation around ssh-keygen -L to see signed cert 
info.

Ping #2569
 2017-04-13 15:23:27 -04:00
Jeff Mitchell
14c0000169 Update SSH CA documentation 
Fixes #2551
Fixes #2569
 2017-04-07 11:59:25 -04:00
Jeff Mitchell
251da1bcdc Update SSH docs to note that host key verification is not performed. 2017-04-03 10:43:41 -04:00
Vishal Nayak
cf0fb2119f docs: Elaborate the steps for SSH CA backend with 'sshd_config' changes (#2507) 2017-03-19 18:52:15 -04:00
Seth Vargo
0fe2e84e3a
Update titles 2017-03-17 14:37:01 -04:00
Seth Vargo
f64bf8d183
/docs/http -> /api 2017-03-17 14:06:03 -04:00
Seth Vargo
501cf5d065
Break out API documentation for secret backends 2017-03-16 09:47:06 -07:00
Mike Okner
6f84f7ffd0 Adding allow_user_key_ids field to SSH role config (#2494) 
Adding a boolean field that determines whether users will be allowed to
set the ID of the signed SSH key or whether it will always be the token
display name.  Preventing users from changing the ID and always using
the token name is useful for auditing who actually used a key to access
a remote host since sshd logs key IDs.
 2017-03-16 08:45:11 -04:00
Stanislav Grozev
e9086bd85f Remove superfluous argument from SSH CA docs 2017-03-14 10:21:48 -04:00
Stanislav Grozev
5f3397bff5 Reads on ssh/config/ca return the public keys 
If configured/generated.
 2017-03-14 10:21:48 -04:00
Stanislav Grozev
d22796c644 If generating an SSH CA signing key - return the public part 
So that the user can actually use the SSH CA, by adding the public key
to their respective sshd_config/authorized_keys, etc.
 2017-03-14 10:21:48 -04:00
Vishal Nayak
9af1ca3d2c doc: ssh allowed_users update (#2462) 
* doc: ssh allowed_users update

* added some more context in default_user field
 2017-03-09 10:34:55 -05:00
vishalnayak
4731754077 doc: ssh markdown alignments 2017-03-08 21:58:12 -05:00
Jeff Mitchell
e8e1905c96 Some minor ssh docs updating 2017-03-02 16:47:21 -05:00
Will May
ffb5ee7fda Changes from code review 2017-03-02 14:36:13 -05:00
Will May
f9d853f7f0 Allow internal generation of the signing SSH key pair 2017-03-02 14:36:13 -05:00
Vishal Nayak
d30a833db7 Rework ssh ca (#2419) 
* docs: input format for default_critical_options and default_extensions

* s/sshca/ssh

* Added default_critical_options and default_extensions to the read endpoint of role

* Change default time return value to 0
 2017-03-01 15:50:23 -05:00
Will May
59397250da Changes from code review 
Major changes are:
* Change `allow_{user,host}_certificates` to default to false
* Add separate `allowed_domains` role property
 2017-03-01 15:19:18 -05:00
Will May
1d59b965cb Add ability to create SSH certificates 2017-03-01 15:19:18 -05:00
vishalnayak
6b0be2d5c4 Added user listing endpoint to userpass docs 2016-09-30 15:47:33 -04:00
Jeff Mitchell
c748ff322f Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
Raja Nadar
0087541e6f doc: change invalid otp response code to 400 (#1863) 
invalid otp response code is 400 bad request.
 2016-09-08 11:13:13 -04:00
Jeff Mitchell
503a13b17b Remove erroneous information about some endpoints being root-protected 2016-08-04 16:08:54 -04:00
vishalnayak
ab017967e4 Provide option to disable host key checking 2016-06-01 11:08:24 -04:00
vishalnayak
8ae663f498 Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak
c945b8b3f2 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Sean Chittenden
339c0a4127
Speling police 2016-05-15 09:58:36 -07:00
vishalnayak
8feae7eb1f removed datatype and corrected a sentense 2016-03-01 11:21:29 -05:00
vishalnayak
a40e0fc8d4 zeroaddress documentation fix 2016-03-01 10:57:00 -05:00
Jeff Mitchell
10a6aec9a3 Merge pull request #980 from rajanadar/patch-8 
fixing the return type of verify otp
 2016-02-01 14:10:14 -05:00
Jeff Mitchell
56e5615f18 Update SSH documentation with list 2016-01-28 14:41:43 -05:00
Raja Nadar
f42f5ec306 fixed the return type of /ssh/lookup api 2016-01-28 01:04:35 -08:00
Raja Nadar
2270affc2f fix return type of post /ssh/creds 
added sample json for both otp and dynamic credentials
 2016-01-28 00:56:59 -08:00
Raja Nadar
14c1bb4141 better description 2016-01-27 21:58:54 -08:00
Raja Nadar
61e0e3dd94 fixing the return type of verify otp 
it seems to be 200 on valid OTP and 204 on invalid OTP. (i think it should be an error.. 400 or 404)
but for the moment, fixing the docs to match the existing behavior.
 2016-01-27 20:04:11 -08:00
Seth Vargo
cfd7aa5983 Remove tabs from terminal output 
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
 2015-10-12 12:10:22 -04:00
Colin Rymer
c9e9fbdab2 Remove redundant wording for SSH OTP introduction. 2015-09-30 10:58:44 -04:00
Jeff Mitchell
791ae62db3 Minor doc update to SSH 2015-09-21 16:26:07 -04:00
Jeff Mitchell
fa53293b7b Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values 2015-09-21 16:14:30 -04:00
vishalnayak
1226251d14 Vault SSH: Added exclude_cidr_list option to role 2015-08-27 23:19:55 -04:00
vishalnayak
06ac073684 Vault SSH: Docs for default CIDR value 2015-08-27 13:10:15 -04:00
vishalnayak
630f348dbf Vault SSH: Provide key option specifications for dynamic keys 2015-08-27 11:41:29 -04:00
vishalnayak
36bf873a47 Vault SSH: 1024 is default key size and removed 4096 2015-08-19 12:51:33 -07:00