rsnt_translations
56,430
edits
Automation in the context of multifactor authentication/fr: Difference between revisions
Automation in the context of multifactor authentication/fr (view source)
Revision as of 20:51, 25 January 2024
, 9 months agoCreated page with "=== <code>restrict</code> === This constraint disables port forwarding, agent forwarding, and X11 forwarding. It also disables the pseudo teletype (PTY), blocking most interactive workloads. This is required because these automation nodes are not intended to be used to start long-running or interactive processes. Regular login nodes must be used instead."
(Updating to match new version of source page) |
(Created page with "=== <code>restrict</code> === This constraint disables port forwarding, agent forwarding, and X11 forwarding. It also disables the pseudo teletype (PTY), blocking most interactive workloads. This is required because these automation nodes are not intended to be used to start long-running or interactive processes. Regular login nodes must be used instead.") |
||
| Line 16: | Line 16: | ||
</div> | </div> | ||
=== <code>restrict</code> === | === <code>restrict</code> === | ||
This constraint disables port forwarding, agent forwarding, and X11 forwarding. It also disables the pseudo teletype (PTY), blocking most interactive workloads. This is required because these automation nodes are not intended to be used to start long-running or interactive processes. Regular login nodes must be used instead. | This constraint disables port forwarding, agent forwarding, and X11 forwarding. It also disables the pseudo teletype (PTY), blocking most interactive workloads. This is required because these automation nodes are not intended to be used to start long-running or interactive processes. Regular login nodes must be used instead. | ||
=== <code>from="pattern-list"</code> === | === <code>from="pattern-list"</code> === | ||
This constraint specifies that the key can only be used from IP addresses that match the patterns. This is to ensure that this key is not used from computers other than the ones intended. The patterns list must include only IP addresses that fully specify at least the network class, the network, and the subnet, which are the first 3 sections of an IP address. For example, <code>192.168.*.*</code> would not be accepted, but <code>192.168.1.*</code> would be accepted. | This constraint specifies that the key can only be used from IP addresses that match the patterns. This is to ensure that this key is not used from computers other than the ones intended. The patterns list must include only IP addresses that fully specify at least the network class, the network, and the subnet, which are the first 3 sections of an IP address. For example, <code>192.168.*.*</code> would not be accepted, but <code>192.168.1.*</code> would be accepted. | ||
<div lang="en" dir="ltr" class="mw-content-ltr"> | <div lang="en" dir="ltr" class="mw-content-ltr"> | ||