propellor config for hosts.
git clone git://
Log | Files | Refs | LICENSE

comment_1_3bc008e42587a3313f81ee740d7d80f0._comment (612B)

      1 [[!comment format=mdwn
      2  username=""
      3  ip=""
      4  subject="comment 1"
      5  date="2014-04-21T13:31:13Z"
      6  content="""
      7 Running propellor that way would probably need ssh to allocate a tty in order for sudo's password prompt to work. And it adds complexity. Does it add security? I don't think so, PermitRootLogin=without-password or PasswordAuthentication=no is not going to let anyone brute force the root account.
      9 PermitRootLogin=forced-commands-only might be worth making easy to set up, so the only command that can be run with some special propellor-specific ssh key is propellor.
     10 """]]