I'm trying to simplify my life by avoiding having to log in to my own account on a toolforge bastion and then become my tool. I tried dropping my public key into $HOME/.ssh/authorized_keys for my tool, but that doesn't work:
$ ssh -t tools.dyk-tools@dev.toolforge.org tools.dyk-tools@dev.toolforge.org: Permission denied (publickey,hostbased).
Am I just doing something wrong, or is toolforge set up to disallow that?
On 2/15/23 16:37, Roy Smith wrote:
Am I just doing something wrong, or is toolforge set up to disallow that?
Yes, all of Cloud VPS (including Toolforge) is configured to only load SSH keys from the developer account database.
This particular feature was requested back in 2015 in https://phabricator.wikimedia.org/T113979, although that task has not seen much activity since then.
It would be nice if that was implemented. My use case is exactly what's described in T113979; being able to scp files to my tool account. I can scp to my personal account, but then I end up with a lot of busywork getting file ownerships and permissions right (again, exactly as described in phab).
On Feb 15, 2023, at 9:50 AM, Taavi Väänänen hi@taavi.wtf wrote:
On 2/15/23 16:37, Roy Smith wrote:
Am I just doing something wrong, or is toolforge set up to disallow that?
Yes, all of Cloud VPS (including Toolforge) is configured to only load SSH keys from the developer account database.
This particular feature was requested back in 2015 in https://phabricator.wikimedia.org/T113979, although that task has not seen much activity since then.
<OpenPGP_0xEF242F709F912FBE.asc>_______________________________________________ Cloud mailing list -- cloud@lists.wikimedia.org List information: https://lists.wikimedia.org/postorius/lists/cloud.lists.wikimedia.org/