Changes
Page history
another yubikey touch trick, for cumin
authored
Apr 17, 2024
by
anarcat
Show whitespace changes
Inline
Side-by-side
howto/cumin.md
View page @
4abd7d22
...
@@ -81,6 +81,21 @@ and will simply show which hosts match the request:
...
@@ -81,6 +81,21 @@ and will simply show which hosts match the request:
[
briefly described in the Wikimedia docs
]:
https://wikitech.wikimedia.org/wiki/Cumin#PuppetDB_host_selection
[
briefly described in the Wikimedia docs
]:
https://wikitech.wikimedia.org/wiki/Cumin#PuppetDB_host_selection
[
parallel-ssh
]:
https://code.google.com/archive/p/parallel-ssh/
[
parallel-ssh
]:
https://code.google.com/archive/p/parallel-ssh/
## Disabling touch confirmation
If running a command that takes longer than a few seconds, the
cryptographic token will eventually block future connections and
prompt for physical confirmation. This typically is not too much
of a problem for short commands, but for long-running jobs, this can
lead to timeouts if the operator is distracted.
The best way to workaround this problem is to
*temporarily*
disable
touch confirmation, for example with:
ykman openpgp keys set-touch aut off
cumin '*' ': some long running command'
ykman openpgp keys set-touch aut on
# Discussion
# Discussion
## Alternatives considered
## Alternatives considered
...
...
...
...
