summaryrefslogtreecommitdiff
path: root/doc/administration/operations
diff options
context:
space:
mode:
authorNick Thomas <nick@gitlab.com>2017-12-20 15:41:36 +0000
committerNick Thomas <nick@gitlab.com>2018-01-09 15:20:38 +0000
commitc73eb55d93f067c8e55632d38df57fdb51f08220 (patch)
tree25ab2de4f3e2f40639b3a75de62d20c1f6ae7a36 /doc/administration/operations
parent8de1bb9e74a00766c663b1cdf8c7b49ddc060caf (diff)
downloadgitlab-ce-c73eb55d93f067c8e55632d38df57fdb51f08220.tar.gz
Use the new gitlab-shell authorized-keys helper in documentation
Diffstat (limited to 'doc/administration/operations')
-rw-r--r--doc/administration/operations/fast_ssh_key_lookup.md32
1 files changed, 5 insertions, 27 deletions
diff --git a/doc/administration/operations/fast_ssh_key_lookup.md b/doc/administration/operations/fast_ssh_key_lookup.md
index b86168f935a..835ed8c8006 100644
--- a/doc/administration/operations/fast_ssh_key_lookup.md
+++ b/doc/administration/operations/fast_ssh_key_lookup.md
@@ -25,34 +25,12 @@ GitLab Shell provides a way to authorize SSH users via a fast, indexed lookup
to the GitLab database. GitLab Shell uses the fingerprint of the SSH key to
check whether the user is authorized to access GitLab.
-Create the directory `/opt/gitlab-shell` first:
-
-```bash
-sudo mkdir -p /opt/gitlab-shell
-```
-
-Create this file at `/opt/gitlab-shell/authorized_keys`:
-
-```
-#!/bin/bash
-
-if [[ "$1" == "git" ]]; then
- /opt/gitlab/embedded/service/gitlab-shell/bin/authorized_keys $2
-fi
-```
-
-Set appropriate ownership and permissions:
-
-```
-sudo chown root:git /opt/gitlab-shell/authorized_keys
-sudo chmod 0650 /opt/gitlab-shell/authorized_keys
-```
-
-Add the following to `/etc/ssh/sshd_config` or to `/assets/sshd_config` if you
-are using Omnibus Docker:
+Add the following to your `sshd_config` file. This is usuaully located at
+`/etc/ssh/sshd_config`, but it will be `/assets/sshd_config` if you're using
+Omnibus Docker:
```
-AuthorizedKeysCommand /opt/gitlab-shell/authorized_keys %u %k
+AuthorizedKeysCommand /opt/embedded/gitlab-shell/bin/gitlab-shell-authorized-keys-check git %u %k
AuthorizedKeysCommandUser git
```
@@ -70,7 +48,7 @@ Confirm that SSH is working by removing your user's SSH key in the UI, adding a
new one, and attempting to pull a repo.
> **Warning:** Do not disable writes until SSH is confirmed to be working
-perfectly because the file will quickly become out-of-date.
+perfectly, because the file will quickly become out-of-date.
In the case of lookup failures (which are not uncommon), the `authorized_keys`
file will still be scanned. So git SSH performance will still be slow for many