mirror of
https://github.com/OpenNebula/one.git
synced 2025-01-12 09:17:41 +03:00
a96de2f14a
* F #1473: Update SSH config and sockets - install files via install.sh script - replace crontab with systemd timer - update opennebula.service dependency - move ssh master sockets from ~oneadmin to /run/one/ssh-socks - modify ssh wrapper to not use external programs but only bash builtins - update ssh configs Signed-off-by: Petr Ospalý <pospaly@opennebula.io> * F #1473: Update SSH config and sockets * F #1473: Update SSH config and sockets * F #1473: Update SSH wrapper - rename SSH_USE_MASTER_SOCK to SSH_OPT_CONTROL_MASTER - change the logic of this directive to be a value of the SSH 'ControlMaster' option (default is 'auto') - delete the SSH_USE_MASTER_SOCK from opennebula.service (not needed anymore) Signed-off-by: Petr Ospalý <pospaly@opennebula.io> Co-authored-by: Vlastimil Holer <vholer@opennebula.io>
29 lines
1.4 KiB
Plaintext
29 lines
1.4 KiB
Plaintext
# Initial default configuration placed by opennebula-common
|
|
# package. Latest default configurations are located in
|
|
# /usr/share/one/ssh/.
|
|
|
|
###############################################################################
|
|
# WARNING: This configuration file is ONLY for OpenSSH 7.6 and newer!
|
|
###############################################################################
|
|
|
|
Host *
|
|
StrictHostKeyChecking accept-new
|
|
ServerAliveInterval 10
|
|
#############################################################################
|
|
# 'ControlMaster' is overriden by OpenNebula's drivers when needed
|
|
ControlMaster no
|
|
# The following options must be aligned with the accompanying timer/cronjob:
|
|
# opennebula-ssh-socks-cleaner (if present) which implements workaround for
|
|
# OpenSSH race condition during the closing of the master socket.
|
|
#
|
|
# 'ControlPersist' should be set to more than twice the period after which
|
|
# timer or cronjob is run - to offset the delay - e.g.: timer job is run each
|
|
# 30s then 'ControlPersist' should be at least one minute. It will also not
|
|
# change the behavior even if it set much higher or to the infinity (0) - it
|
|
# is limited by the timer/cronjob *AND* the command which is executed inside.
|
|
#
|
|
# (+) Add another 10s to give timer/cronjob a room for cleanup
|
|
ControlPersist 70s
|
|
# 'ControlPath' must be in-sync with the script run by timer/cronjob above!
|
|
ControlPath /run/one/ssh-socks/ctl-M-%C.sock
|