From ae0d8d3144309a3ba8973c9469d75a52ed250549 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Thu, 14 Mar 2019 09:17:36 -0400
Subject: [PATCH] explain a little more how ldapvi works

---
 tsa/howto/new-machine.mdwn | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/tsa/howto/new-machine.mdwn b/tsa/howto/new-machine.mdwn
index 70dd18ad..24c0a154 100644
--- a/tsa/howto/new-machine.mdwn
+++ b/tsa/howto/new-machine.mdwn
@@ -8,7 +8,13 @@
         grep torproject.org /etc/resolv.conf || echo 'domain torproject.org' >>  /etc/resolv.conf
         vi /etc/hosts # make sure the local host is there with both FQDN and just hostname
 
-* add to ldap on `alberti` using `ldapvi`. To generate the ssh host key block, use:
+* add to ldap on `alberti` using:
+
+        ldapvi -ZZ --encoding=ASCII --ldap-conf -h db.torproject.org -D "uid=$USER,ou=users,dc=torproject,dc=org"
+
+  Copy-paste the host block of another similar host, and change the
+  leading number to an `add`. See also the [ldapvi manual](http://www.lichteblau.com/ldapvi/manual/) for more
+  help. To generate the ssh host key block, use:
 
         for i in /etc/ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_ed25519_key.pub; do
             echo "sshRSAHostKey: `cat $i`"
-- 
GitLab