add zero width space before _ to escape formatting.
This commit is contained in:
Florian Obser
parent
f7e52783d4
commit
67544e97bc
@ -19,10 +19,10 @@ My ansible orchestration host needs to be able to talk to new machines
|
||||
over ssh. New machines need to talk to the backup server over ssh and
|
||||
submit passive check results over ssh to the monitoring server. The
|
||||
monitoring server needs to talk to new hosts over ssh[fn:: I don't
|
||||
trust nrpe. I have seen the code. Instead I use ~by_ssh~ to monitor
|
||||
trust nrpe. I have seen the code. Instead I use ~by_ssh~ to monitor
|
||||
hosts. Ansible adds an ssh public-key to a monitoring user with a
|
||||
force-command. The force-command is a shell-script switching over
|
||||
~${SSH_ORIGINAL_COMMAND}~ to run specific check_commands. It does not
|
||||
~${SSH_ORIGINAL_COMMAND}~ to run specific check_commands. It does not
|
||||
trust the remote ssh at all.].
|
||||
|
||||
So we have the issue of existing infrastructure needing to verify
|
||||
@ -38,7 +38,7 @@ facilities to store host-keys in SSHFP resource records in DNS and we
|
||||
can secure those with DNSSEC.
|
||||
|
||||
* VerifyHostKeyDNS
|
||||
[[https://man.openbsd.org/ssh_config.5#VerifyHostKeyDNS][ssh_config(5)]] explains how [[https://man.openbsd.org/ssh.1][ssh(1)]] can use SSHFP records to verify
|
||||
[[https://man.openbsd.org/ssh_config.5#VerifyHostKeyDNS][ssh_config(5)]] explains how [[https://man.openbsd.org/ssh.1][ssh(1)]] can use SSHFP records to verify
|
||||
host-keys:
|
||||
#+begin_example
|
||||
VerifyHostKeyDNS
|
||||
|
||||
Loading…
Reference in New Issue
Block a user