-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
permit_tunnel attribute - allow tun device forwarding #211
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bobchaos thank you! it looks good for me, we need to fix some minor things:
- can you please sign-off your commit?
git commit --amend --signoff
git push --force
- can you please rebase the PR on the latest master to resolve the conflict?
https://github.com/edx/edx-platform/wiki/How-to-Rebase-a-Pull-Request#perform-a-rebase
README.md
Outdated
@@ -56,6 +56,7 @@ override['ssh-hardening']['ssh']['server']['listen_to'] = node['ipaddress'] | |||
* `['ssh-hardening']['ssh']['server']['allow_tcp_forwarding']` - `false`. Set to `true` to allow TCP Forwarding | |||
* `['ssh-hardening']['ssh']['server']['allow_agent_forwarding']` - `false`. Set to `true` to allow Agent Forwarding | |||
* `['ssh-hardening']['ssh']['server']['allow_x11_forwarding']` - `false`. Set to `true` to allow X11 Forwarding | |||
* `['ssh-hardening']['ssh']['server']['permit_tunnel']` - `false` to disable tun device forwarding. Set to `true` to allow tun device forwarding. Other accepted values: 'yes', 'no', 'point-to-point', 'ethernet', see man sshd\_config pages for exact behaviors. Do note you'll also need to allow TCP forwarding. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you please change it this way in order to match the style of README.md:
* `['ssh-hardening']['ssh']['server']['permit_tunnel']` - `false`. Set to `true` to allow tun device forwarding. Other accepted values: 'yes', 'no', 'point-to-point', 'ethernet', see `man sshd_config` for more details. Note: `allow_tcp_forwarding` should be enabled together with this option.
Something like this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bobchaos this looks very good! Thanks!
If you would make rubocop happy and (optionally) squash your commits (but only your commits) to one commit (to avoid fixup commits to previsious commits) we are ready to merge! And you can be proud of a very good PR with usage of advanced git features ;-)
fixed and squashed! |
as requested by @artem-sidorenko
Signed-off-by: Marc Chamberland <mchamberland@pbsc.com>
somehow the exception is not really catched, maybe because of the lazy execution somehow. If expect is called in the usual way with () instead of {} you see the exception. Weird thing. Signed-off-by: Artem Sidorenko <artem@posteo.de>
No description provided.