ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-01-09 08:47:50 +08:00
Code Issues Projects Releases Packages Wiki Activity
the-bastion/doc/sphinx/plugins/restricted/whoHasAccessTo.rst
Stéphane Lesimple fde20136ef
Initial commit
2020-10-20 14:30:27 +00:00

49 lines
1.5 KiB
ReStructuredText
Raw Blame History

===============
whoHasAccessTo
===============
List the accounts that have access to a given server
====================================================
.. admonition:: usage
:class: cmdusage
--osh whoHasAccessTo --host SERVER [OPTIONS]
.. program:: whoHasAccessTo
.. option:: --host SERVER
List declared accesses to this server
.. option:: --user USER
Remote user allowed (if not specified, ignore user specifications)
.. option:: --port PORT
Remote port allowed (if not specified, ignore port specifications)
.. option:: --ignore-personal
Don't check accounts' personal accesses (i.e. only check groups)
.. option:: --ignore-group GROUP
Ignore accesses by this group, if you know GROUP public key is in fact
not present on remote server but bastion thinks it is
.. option:: --show-wildcards
Also list accesses that match because 0.0.0.0/0 is listed in a group or private access,
this is disabled by default because this is almost always just noise (see Note below)
Note: This list is what the bastion THINKS is true, which means that if some group has 0.0.0.0/0 in its list,
then it'll show all the members of that group as having access to the machine you're specifying, through this group key.
This is only true if the remote server does have the group key installed, of course, which the bastion
can't tell without trying to connect "right now" (which it won't do).
Reference in a new issue View git blame Copy permalink