Commit graph

59 commits

Author SHA1 Message Date
Seth Vargo 0b827774ae Drop vault.rocks (#4186) 2018-03-23 11:41:51 -04:00
Jim Kalafut ef4537e5d4 Change "mount" to "secrets enable" in docs 2018-03-02 12:54:28 -08:00
Paweł Słomka b994e83c65 Cleanup of deprecated commands in tests, docs (#3788) 2018-01-15 15:19:28 -05:00
Seth Vargo 83b1eb900a
More naming cleanup 2017-10-24 09:35:03 -04:00
Seth Vargo 51a27b758b
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo ec9e187ce4 Thread stderr through too (#3211)
* Thread stderr through too

* Small docs typo
2017-08-21 17:23:29 -04:00
Seth Vargo 1f45a6c96e Addd more SSH CA troubleshooting (#3201)
* Add notes about pty and other permit-* extensions

* Update troubleshooting

* Add an example of JSON for sign

* Fix a bug about what keys to push up
2017-08-21 17:22:54 -04:00
Seth Vargo b4bec62d47
Typo fix 2017-08-16 18:38:35 -04:00
Seth Vargo 7b1e013511
Refactor SSH CA backend docs 2017-08-16 18:38:35 -04:00
Seth Vargo 8ee362744b Break SSH types into their own pages (#3157)
@jefferai and I discussed this on Friday. With three fully-documented
SSH backends, the page is lengthy, ungreppable, and intimidating. This
commit separates the SSH backends into their own pages with as little
text changes as possible.
2017-08-14 10:49:41 -04:00
Brian Shumate 5fb9c73e1d DOCS: fix typo (#2965) 2017-07-03 12:40:31 -04:00
Jeff Mitchell ce58bfa88f Update SSH docs to indicate deprecation of dynamic key type 2017-04-17 11:11:05 -04:00
Jeff Mitchell c2407eab5a Add some extra documentation around ssh-keygen -L to see signed cert
info.

Ping #2569
2017-04-13 15:23:27 -04:00
Jeff Mitchell f805618a2c Update SSH CA documentation
Fixes #2551
Fixes #2569
2017-04-07 11:59:25 -04:00
Jeff Mitchell 9ec414016d Update SSH docs to note that host key verification is not performed. 2017-04-03 10:43:41 -04:00
Vishal Nayak b9b68ca5e8 docs: Elaborate the steps for SSH CA backend with 'sshd_config' changes (#2507) 2017-03-19 18:52:15 -04:00
Seth Vargo 21ecbda1f4
Update titles 2017-03-17 14:37:01 -04:00
Seth Vargo d4390d103e
/docs/http -> /api 2017-03-17 14:06:03 -04:00
Seth Vargo 3fd0bd36cc
Break out API documentation for secret backends 2017-03-16 09:47:06 -07:00
Mike Okner 95df7beed9 Adding allow_user_key_ids field to SSH role config (#2494)
Adding a boolean field that determines whether users will be allowed to
set the ID of the signed SSH key or whether it will always be the token
display name.  Preventing users from changing the ID and always using
the token name is useful for auditing who actually used a key to access
a remote host since sshd logs key IDs.
2017-03-16 08:45:11 -04:00
Stanislav Grozev 4bc3abd152 Remove superfluous argument from SSH CA docs 2017-03-14 10:21:48 -04:00
Stanislav Grozev 7d59d7d3ac Reads on ssh/config/ca return the public keys
If configured/generated.
2017-03-14 10:21:48 -04:00
Stanislav Grozev 830de2dbbd If generating an SSH CA signing key - return the public part
So that the user can actually use the SSH CA, by adding the public key
to their respective sshd_config/authorized_keys, etc.
2017-03-14 10:21:48 -04:00
Vishal Nayak 220beb2cde doc: ssh allowed_users update (#2462)
* doc: ssh allowed_users update

* added some more context in default_user field
2017-03-09 10:34:55 -05:00
vishalnayak 431070f828 doc: ssh markdown alignments 2017-03-08 21:58:12 -05:00
Jeff Mitchell 76bec343f4 Some minor ssh docs updating 2017-03-02 16:47:21 -05:00
Will May 70bfdb5ae9 Changes from code review 2017-03-02 14:36:13 -05:00
Will May 36b3d89604 Allow internal generation of the signing SSH key pair 2017-03-02 14:36:13 -05:00
Vishal Nayak 3795d2ea64 Rework ssh ca (#2419)
* docs: input format for default_critical_options and default_extensions

* s/sshca/ssh

* Added default_critical_options and default_extensions to the read endpoint of role

* Change default time return value to 0
2017-03-01 15:50:23 -05:00
Will May ff1ff02bd7 Changes from code review
Major changes are:
* Change `allow_{user,host}_certificates` to default to false
* Add separate `allowed_domains` role property
2017-03-01 15:19:18 -05:00
Will May 099d561b20 Add ability to create SSH certificates 2017-03-01 15:19:18 -05:00
vishalnayak 2ad698ec0b Added user listing endpoint to userpass docs 2016-09-30 15:47:33 -04:00
Jeff Mitchell f0203741ff Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
Raja Nadar d8b1ab05dd doc: change invalid otp response code to 400 (#1863)
invalid otp response code is 400 bad request.
2016-09-08 11:13:13 -04:00
Jeff Mitchell 21e39bfea6 Remove erroneous information about some endpoints being root-protected 2016-08-04 16:08:54 -04:00
vishalnayak 315f9c868c Provide option to disable host key checking 2016-06-01 11:08:24 -04:00
vishalnayak 30fa7f304b Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak 971b2cb7b7 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
vishalnayak fd585ecf8a removed datatype and corrected a sentense 2016-03-01 11:21:29 -05:00
vishalnayak 724823b8f7 zeroaddress documentation fix 2016-03-01 10:57:00 -05:00
Jeff Mitchell ca5e4dd955 Merge pull request #980 from rajanadar/patch-8
fixing the return type of verify otp
2016-02-01 14:10:14 -05:00
Jeff Mitchell 904e2b36b6 Update SSH documentation with list 2016-01-28 14:41:43 -05:00
Raja Nadar e4438d9705 fixed the return type of /ssh/lookup api 2016-01-28 01:04:35 -08:00
Raja Nadar b8fa5c6fd4 fix return type of post /ssh/creds
added sample json for both otp and dynamic credentials
2016-01-28 00:56:59 -08:00
Raja Nadar 7aabad7808 better description 2016-01-27 21:58:54 -08:00
Raja Nadar 67da86eeab fixing the return type of verify otp
it seems to be 200 on valid OTP and 204 on invalid OTP. (i think it should be an error.. 400 or 404)
but for the moment, fixing the docs to match the existing behavior.
2016-01-27 20:04:11 -08:00
Seth Vargo 50f720bc06 Remove tabs from terminal output
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
2015-10-12 12:10:22 -04:00
Colin Rymer e2b157aa79 Remove redundant wording for SSH OTP introduction. 2015-09-30 10:58:44 -04:00
Jeff Mitchell a5f52f43b1 Minor doc update to SSH 2015-09-21 16:26:07 -04:00