mirror/borg
1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2025-03-03 18:27:01 +00:00
Code Issues Releases Wiki Activity

Add legacy note & normalize order

Browse source
This commit is contained in:
rugk 2017-06-23 14:50:00 +02:00
parent b27b9894d1
commit 41248bbab1
No known key found for this signature in database
GPG key ID: 05D40A636AFAB34D
2 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/deployment/hosting-repositories.rst
View file

@ -29,7 +29,7 @@ SSH access to safe operations only.
::
restrict,command="borg serve --restrict-to-repository /home/<user>/repository"
command="borg serve --restrict-to-repository /home/<user>/repository",restrict
<key type> <key> <key host>
.. note:: The text shown above needs to be written on a **single** line!

10
docs/usage/serve.rst
View file

@ -29,3 +29,13 @@ locations like ``/etc/environment`` or in the forced command itself (example bel
$ cat ~/.ssh/authorized_keys
command="export BORG_XXX=value; borg serve [...]",restrict ssh-rsa [...]
.. note::
The examples above use the ``restrict`` directive. This does automatically
block potential dangerous ssh features, even when they are added in a future
update. Thus, this option should be prefered.
If you're using openssh-server < 7.2, however, you have to explicitly specify
the ssh features to restrict and cannot simply use the restrict option as it
has been introduced in v7.2. We recommend to use
``,no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc``
in this case.