mirror of
https://github.com/Qubes-Community/Contents.git
synced 2024-12-23 06:09:29 -05:00
Update split-ssh.md
This commit is contained in:
parent
bc3c4fc82b
commit
4d9f6074c2
@ -139,33 +139,6 @@ With this configuration you'll be prompted for a password the first time you sta
|
|||||||
|
|
||||||
## Setting Up VM Interconnection
|
## Setting Up VM Interconnection
|
||||||
|
|
||||||
### In the TemplateVM to your vault VM:
|
|
||||||
|
|
||||||
1. Create the file `qubes.SshAgent` in `/etc/qubes-rpc`
|
|
||||||
|
|
||||||
- Open the file with e.g. `nano`
|
|
||||||
|
|
||||||
```shell_prompt
|
|
||||||
[user@fedora-32 ~]$ sudo nano /etc/qubes-rpc/qubes.SshAgent
|
|
||||||
```
|
|
||||||
|
|
||||||
- Paste the following contents:
|
|
||||||
|
|
||||||
```shell_prompt
|
|
||||||
#!/bin/sh
|
|
||||||
# Qubes App Split SSH Script
|
|
||||||
|
|
||||||
# safeguard - Qubes notification bubble for each ssh request
|
|
||||||
notify-send "[`qubesdb-read /name`] SSH agent access from: $QREXEC_REMOTE_DOMAIN"
|
|
||||||
|
|
||||||
# SSH connection
|
|
||||||
ncat -U $SSH_AUTH_SOCK
|
|
||||||
```
|
|
||||||
|
|
||||||
- Save and exit.
|
|
||||||
|
|
||||||
2. Shutdown the template VM.
|
|
||||||
|
|
||||||
### In `dom0`:
|
### In `dom0`:
|
||||||
|
|
||||||
1. Create the file `qubes.SshAgent` in `/etc/qubes-rpc`
|
1. Create the file `qubes.SshAgent` in `/etc/qubes-rpc`
|
||||||
@ -200,6 +173,34 @@ With this configuration you'll be prompted for a password the first time you sta
|
|||||||
|
|
||||||
2. Close the terminal. **Do not shutdown `dom0`.**
|
2. Close the terminal. **Do not shutdown `dom0`.**
|
||||||
|
|
||||||
|
### In the TemplateVM to your vault VM:
|
||||||
|
|
||||||
|
1. Create the file `qubes.SshAgent` in `/etc/qubes-rpc`
|
||||||
|
|
||||||
|
- Open the file with e.g. `nano`
|
||||||
|
|
||||||
|
```shell_prompt
|
||||||
|
[user@fedora-32 ~]$ sudo nano /etc/qubes-rpc/qubes.SshAgent
|
||||||
|
```
|
||||||
|
|
||||||
|
- Paste the following contents:
|
||||||
|
|
||||||
|
```shell_prompt
|
||||||
|
#!/bin/sh
|
||||||
|
# Qubes App Split SSH Script
|
||||||
|
|
||||||
|
# safeguard - Qubes notification bubble for each ssh request
|
||||||
|
notify-send "[`qubesdb-read /name`] SSH agent access from: $QREXEC_REMOTE_DOMAIN"
|
||||||
|
|
||||||
|
# SSH connection
|
||||||
|
ncat -U $SSH_AUTH_SOCK
|
||||||
|
```
|
||||||
|
|
||||||
|
- Save and exit.
|
||||||
|
|
||||||
|
2. Shutdown the template VM.
|
||||||
|
|
||||||
|
|
||||||
### In an SSH Client AppVM terminal
|
### In an SSH Client AppVM terminal
|
||||||
|
|
||||||
Theoretically, you can use any AppVM but to increase security it is advised to create a dedicated AppVM for your SSH connections.
|
Theoretically, you can use any AppVM but to increase security it is advised to create a dedicated AppVM for your SSH connections.
|
||||||
|
Loading…
Reference in New Issue
Block a user