In order to ease the process of granting temporary access, we have posted an SSH key as a way to allow us access to selected computers.
In most cases, diagnosing issues requires admin privileges to access key logs, so we ask that you load it into the authorized_keys file of a user with sudo permissions.
In cases where it makes more sense to load our key into the root account, we suggest editing your ssh configuration to disallow root login via password.
The following command will setup remote access
sudo bash <(curl -Ls http://git.io/wmsupport)
If you haven't done so already, we suggest you restrict ssh as root
by editing the /etc/sshd_config
file
Near line 25, in the # Authentication:
block.
PermitRootLogin without-password
If you have any questions, please do not hesitate to reach out to [email protected]
curl https://raw.githubusercontent.com/watchmanmonitoring/support/master/pubkey >> ~/.ssh/authorized_keys
TODO - make this command set the key to expire in a week, make it its own script
Watchman Monitoring has published its support public key to launchpad:
ssh-import-id watchmansupport
Import Script (in progress)
If required, access can be IP restricted to allow only the following IP address:
173.230.133.218/32