Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/administration/operations
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-10-20 11:43:02 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2021-10-20 11:43:02 +0300
commitd9ab72d6080f594d0b3cae15f14b3ef2c6c638cb (patch)
tree2341ef426af70ad1e289c38036737e04b0aa5007 /doc/administration/operations
parentd6e514dd13db8947884cd58fe2a9c2a063400a9b (diff)
Add latest changes from gitlab-org/gitlab@14-4-stable-eev14.4.0-rc42
Diffstat (limited to 'doc/administration/operations')
-rw-r--r--doc/administration/operations/fast_ssh_key_lookup.md14
-rw-r--r--doc/administration/operations/moving_repositories.md2
-rw-r--r--doc/administration/operations/ssh_certificates.md7
3 files changed, 13 insertions, 10 deletions
diff --git a/doc/administration/operations/fast_ssh_key_lookup.md b/doc/administration/operations/fast_ssh_key_lookup.md
index e30ad4d8248..8aa5af4c2bf 100644
--- a/doc/administration/operations/fast_ssh_key_lookup.md
+++ b/doc/administration/operations/fast_ssh_key_lookup.md
@@ -104,12 +104,12 @@ In the case of lookup failures (which are common), the `authorized_keys`
file is still scanned. So Git SSH performance would still be slow for many
users as long as a large file exists.
-To disable any more writes to the `authorized_keys` file:
+To disable writes to the `authorized_keys` file:
1. On the top bar, select **Menu > Admin**.
1. On the left sidebar, select **Settings > Network**.
1. Expand **Performance optimization**.
-1. Clear the **Write to "authorized_keys" file** checkbox.
+1. Clear the **Use authorized_keys file to authenticate SSH keys** checkbox.
1. Select **Save changes**.
Again, confirm that SSH is working by removing your user's SSH key in the UI,
@@ -123,10 +123,14 @@ or for asking users to re-add their keys.
This is a brief overview. Please refer to the above instructions for more context.
-1. [Rebuild the `authorized_keys` file](../raketasks/maintenance.md#rebuild-authorized_keys-file)
-1. Enable writes to the `authorized_keys` file in Application Settings
+1. [Rebuild the `authorized_keys` file](../raketasks/maintenance.md#rebuild-authorized_keys-file).
+1. Enable writes to the `authorized_keys` file.
+ 1. On the top bar, select **Menu > Admin**.
+ 1. On the left sidebar, select **Settings > Network**.
+ 1. Expand **Performance optimization**.
+ 1. Select the **Use authorized_keys file to authenticate SSH keys** checkbox.
1. Remove the `AuthorizedKeysCommand` lines from `/etc/ssh/sshd_config` or from `/assets/sshd_config` if you are using Omnibus Docker.
-1. Reload `sshd`: `sudo service sshd reload`
+1. Reload `sshd`: `sudo service sshd reload`.
## Compiling a custom version of OpenSSH for CentOS 6
diff --git a/doc/administration/operations/moving_repositories.md b/doc/administration/operations/moving_repositories.md
index 61a9ec8e7d4..8aeaadc17e9 100644
--- a/doc/administration/operations/moving_repositories.md
+++ b/doc/administration/operations/moving_repositories.md
@@ -27,7 +27,7 @@ For more information, see:
querying and scheduling snippet repository moves.
- [The API documentation](../../api/group_repository_storage_moves.md) details the endpoints for
querying and scheduling group repository moves **(PREMIUM SELF)**.
-- [Migrate to Gitaly Cluster](../gitaly/index.md#migrate-to-gitaly-cluster).
+- [Migrating to Gitaly Cluster](../gitaly/index.md#migrating-to-gitaly-cluster).
### Move Repositories
diff --git a/doc/administration/operations/ssh_certificates.md b/doc/administration/operations/ssh_certificates.md
index 814e742b026..77dc4eb180b 100644
--- a/doc/administration/operations/ssh_certificates.md
+++ b/doc/administration/operations/ssh_certificates.md
@@ -21,8 +21,7 @@ upload the new keys to GitLab.
WARNING:
OpenSSH version 6.9+ is required because that version
introduced the `AuthorizedPrincipalsCommand` configuration option. If
-using CentOS 6, you can [follow these
-instructions](fast_ssh_key_lookup.html#compiling-a-custom-version-of-openssh-for-centos-6)
+using CentOS 6, you can [follow these instructions](fast_ssh_key_lookup.md#compiling-a-custom-version-of-openssh-for-centos-6)
to compile an up-to-date version.
## Why use OpenSSH certificates?
@@ -132,8 +131,8 @@ requirement for it, we effectively only care about the "key ID" being
correct. Once that's extracted GitLab enforces its own ACLs for
that user (for example, what projects the user can access).
-So it's OK to e.g. be overly generous in what you accept, since if the
-user e.g. has no access to GitLab at all it just errors out with a
+It's therefore fine to be overly generous in what you accept. For example, if the user has no access
+to GitLab, an error is produced with a message about an invalid user.
message about this being an invalid user.
## Interaction with the `authorized_keys` file
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 04:07:00 +0300