mirror of
https://github.com/ovh/the-bastion.git
synced 2025-01-04 06:27:11 +08:00
47 lines
1.7 KiB
ReStructuredText
47 lines
1.7 KiB
ReStructuredText
Output example
|
|
==============
|
|
|
|
::
|
|
|
|
~ user1 is a bastion admin
|
|
~ user1 is a bastion superowner
|
|
~ user1 is a bastion auditor
|
|
~ user1 has access to the following restricted commands:
|
|
~ - accountCreate
|
|
~ - accountDelete
|
|
~ - groupCreate
|
|
~ - groupDelete
|
|
~
|
|
~ This account is part of the following groups:
|
|
~ testgroup1 Owner GateKeeper ACLKeeper Member -
|
|
~ gatekeeper-grp2 Owner GateKeeper - - -
|
|
~
|
|
~ This account is active
|
|
~ This account is not expired
|
|
~ As a consequence, this account can connect to this bastion
|
|
~
|
|
~ This account has already been used at least once
|
|
~ Last seen on Wed 2020-07-15 12:06:27 UTC (00:00:00 ago)
|
|
~
|
|
~ Account egress SSH config:
|
|
~ - (default)
|
|
~
|
|
~ PIV-enforced policy for ingress keys on this account is enabled
|
|
~
|
|
~ Account Multi-Factor Authentication status:
|
|
~ - Additional password authentication is not required for this account
|
|
~ - Additional password authentication bypass is disabled for this account
|
|
~ - Additional password authentication is enabled and active
|
|
~ - Additional TOTP authentication is not required for this account
|
|
~ - Additional TOTP authentication bypass is disabled for this account
|
|
~ - Additional TOTP authentication is disabled
|
|
~ - PAM authentication bypass is disabled
|
|
~ - Optional public key authentication is disabled
|
|
~ - MFA policy on personal accesses (using personal keys) on egress side is: password
|
|
|
|
~ Account PAM UNIX password information (used for password MFA):
|
|
~ - Password is set
|
|
~ - Password was last changed on 2020-04-27
|
|
~ - Password must be changed every 90 days at least
|
|
~ - A warning is displayed 75 days before expiration
|
|
~ - Account will not be disabled after password expiration
|