aboutsummaryrefslogtreecommitdiff
path: root/example-server.conf
diff options
context:
space:
mode:
authorNiall Sheridan <nsheridan@gmail.com>2017-01-10 22:51:28 +0000
committerNiall Sheridan <nsheridan@gmail.com>2017-01-14 01:15:09 +0000
commit5d7e2397226cd4c88a18658d8fc89ca0da58cc49 (patch)
tree61fa7ddd20793b8bea1c40db63461d4edd737851 /example-server.conf
parent57224ffa79aac59155a0f6a4ad47f224cac736fd (diff)
Add critical options support
Diffstat (limited to 'example-server.conf')
-rw-r--r--example-server.conf2
1 files changed, 1 insertions, 1 deletions
diff --git a/example-server.conf b/example-server.conf
index 9a20c9d..8d299fa 100644
--- a/example-server.conf
+++ b/example-server.conf
@@ -29,7 +29,7 @@ ssh {
signing_key = "signing_key" # Path to the CA signing secret key
additional_principals = ["ec2-user", "ubuntu"] # Additional principals to allow
max_age = "720h" # Maximum lifetime of a ssh certificate
- permissions = ["permit-pty", "permit-X11-forwarding", "permit-agent-forwarding", "permit-port-forwarding", "permit-user-rc"] # Permissions associated with a certificate
+ permissions = ["permit-pty", "permit-X11-forwarding", "permit-agent-forwarding", "permit-port-forwarding", "permit-user-rc", "force-command=/bin/ls"] # Permissions associated with a certificate
}
# Optional AWS config. if an aws config is present, then files (e.g. signing key or tls cert) can be read from S3 using the syntax `/s3/bucket/path/to/signing.key`.