Startseite Erkunden Hilfe
Anmelden
mirrors
/
borg
Mirror von https://github.com/borgbackup/borg
2
0
Fork 0
Dateien Issues 0 Wiki
Quellcode durchsuchen

Add legacy note & normalize order

rugk vor 8 Jahren
Ursprung
b27b9894d1
Commit
41248bbab1
2 geänderte Dateien mit 11 neuen und 1 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 1 1
      docs/deployment/hosting-repositories.rst
  2. 10 0
      docs/usage/serve.rst

+ 1 - 1
docs/deployment/hosting-repositories.rst
Datei anzeigen 

@@ -29,7 +29,7 @@ SSH access to safe operations only.
 
 
 ::
 
 
-  restrict,command="borg serve --restrict-to-repository /home/<user>/repository"
 
+  command="borg serve --restrict-to-repository /home/<user>/repository",restrict
 
   <key type> <key> <key host>
 
 
 .. note:: The text shown above needs to be written on a **single** line!

+ 10 - 0
docs/usage/serve.rst
Datei anzeigen 

@@ -29,3 +29,13 @@ locations like ``/etc/environment`` or in the forced command itself (example bel
 
     $ cat ~/.ssh/authorized_keys
 
     command="export BORG_XXX=value; borg serve [...]",restrict ssh-rsa [...]
 
 
+.. note::
 
+    The examples above use the ``restrict`` directive. This does automatically
 
+    block potential dangerous ssh features, even when they are added in a future
 
+    update. Thus, this option should be prefered.
 
+    
+    If you're using openssh-server < 7.2, however, you have to explicitly specify
 
+    the ssh features to restrict and cannot simply use the restrict option as it
 
+    has been introduced in v7.2. We recommend to use
 
+    ``,no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc``
 
+    in this case.