forked from Controls/gitea-pages
suggested SSH client configuration
This commit is contained in:
@@ -74,7 +74,7 @@ Host *.psi.ch
|
||||
```
|
||||
|
||||
Here we by default do not trust the machines we connect to, e.g. we do not delegate the Kerberos TGT, do not forward the SSH agent and do not do X forwarding, stuff which could be abused when the destination machine is compromised or run by an hostile admin.
|
||||
The "trusted" connection are selected on a case by case basis when needed (e.g. for AFS) by using their FQDN instead of just the short name.
|
||||
Features requiring trust are selected on a case by case basis when needed (e.g. for AFS) by using their FQDN instead of just the short name.
|
||||
|
||||
Alternatively you might use
|
||||
- `ssh -K` for `GSSAPIDelegateCredentials yes` (Kerberos TGT delegation)
|
||||
|
||||
Reference in New Issue
Block a user