Closed dmcd closed 1 year ago
@dmcd so did you end up getting it all working? =)
Yes, its working nicely with the above template. I couldn't get the ssh audit logs working but I might revisit that at some point.
Well done @dmcd ! Looks non-trivial.
couldn't get the ssh audit logs working but I might revisit that at some point.
Not sure if this is related to (https://github.com/cloudposse/bastion/issues/25), but it's impossible to log sessions with ProxyCommand
because it's an encrypted tunnel. =)
For that, may need to use teleport.
Hi I am using this template as a basis for docker compose but I can't get the github-authorized-keys container to find the adduser executable. I am running this on a amazon linux box, with the same exact environment variables. This is the error I keep getting.
{"job":"syncUsers","level":"error","msg":"fork/exec '$(pwd)/usr/sbin/adduser: no such file or directory","subsystem":"jobs","time":"2018-10-01T16:30:17Z"}
this looks like your running something like '$(pwd)/usr/sbin/adduser'
vs "$(pwd)/usr/sbin/adduser"
; meaning the $(pwd)
is not being interpolated.
Also, just want to point out that nearly every linux distro has a different arg format for adduser
, which is why we've templatized it. You may need to alter the command templates.
from README
@osterman thanks for the quick reply, turns out that in the .env file I was using I was wrapping the value in single quotes '' just needed to remove them.
wonderful! glad you got it all sorted out.
@osterman I feel like I am very close to getting this to work. For some reason I keep getting this error when I start the compose network and try to ssh from a different shell.
PAM: Permission denied
I am also seeing 'error: exit code 2' when the initial users are added. Are there some permissions I might be missing, I am using amazon linux btw
@kc1116 do you mind posting the Docker Compose file?
This bastion host is bloody useful and will save our team an enormous effort, thanks!
I had a little trouble working out how to run this on ECS so I'm posting my cloudformation template here for anyone that is looking to do the same: