diff options
Diffstat (limited to 'doc/administration/operations/ssh_certificates.md')
-rw-r--r-- | doc/administration/operations/ssh_certificates.md | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/doc/administration/operations/ssh_certificates.md b/doc/administration/operations/ssh_certificates.md index 7cbd8c74f90..c0525cf6258 100644 --- a/doc/administration/operations/ssh_certificates.md +++ b/doc/administration/operations/ssh_certificates.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # User lookup via OpenSSH's AuthorizedPrincipalsCommand @@ -9,17 +9,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Available in](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/19911) GitLab > Community Edition 11.2. -GitLab's default SSH authentication requires users to upload their SSH +The default SSH authentication for GitLab requires users to upload their SSH public keys before they can use the SSH transport. -In centralized (e.g. corporate) environments this can be a hassle -operationally, particularly if the SSH keys are temporary keys issued -to the user, e.g. ones that expire 24 hours after issuing. +In centralized (for example, corporate) environments this can be a hassle +operationally, particularly if the SSH keys are temporary keys issued to the +user, including ones that expire 24 hours after issuing. In such setups some external automated process is needed to constantly upload the new keys to GitLab. -> **Warning:** OpenSSH version 6.9+ is required because that version +WARNING: +OpenSSH version 6.9+ is required because that version introduced the `AuthorizedPrincipalsCommand` configuration option. If using CentOS 6, you can [follow these instructions](fast_ssh_key_lookup.html#compiling-a-custom-version-of-openssh-for-centos-6) |