pub-solar/infra
6
1
Fork 3
Code Issues29 Pull requests9 Projects1 Releases Packages Wiki Activity Actions

auth: add user for each administrator #261

Merged
teutat3s merged 7 commits from per-admin-user into main 2024-11-28 16:16:35 +00:00
Conversation 5 Commits 7 Files changed 19 +153 -139

7 commits

Author SHA1 Message Date
teutat3s
aee317b463
flake: format 2024-11-26 17:58:30 +01:00
teutat3s
98b546f587
docs: update for per admin user SSH access 2024-11-26 17:58:26 +01:00
teutat3s
42b3052091
deploy: remove hard-coded SSH user barkeeper 2024-11-26 17:56:15 +01:00
b12f
eb63779bb6
auth: use all sshPubKeys for disk unlock, fix tests, fix hm config 2024-11-20 16:49:39 +01:00
b12f
acc537decd
hosts: use correct wireguardDevices option 2024-11-20 16:49:39 +01:00
b12f
2b72d9a5a8
style: run nix fmt 2024-11-20 16:49:39 +01:00
b12f
5366d07d44
auth: add user for each administrator 
After this has been tested successfully, root SSH login can be disabled.

The advantages of having a user for each adminstrator:

* Better security analysis: who issued executed what command, who
  touched which file, who used sudo at which time.
* Possibility of granular access, e.g. person X is only allowed to
  manage service Y
 2024-11-20 16:49:38 +01:00