* Base fork for 4.3 docs
* [docs] external email identities and Kube Users (#3628)
* Base fork for 4.3 docs
* [docs] external email identities and Kube Users (#3628)
* Remove trailing whitespace from docs files
Some editors will do this automatically on save. This causes a lot of
diffs when editing the docs in such an editor.
Clean them up once now and we'll try to keep it tidy going forward.
* Add make rules for docs whitespace and milv
docs-test-whitespace: checks for trailing whitespace in all .md files
under docs/.
docs-fix-whitespace: removes trailing whitespace in all .md files under
docs/.
docs-test-links: runs milv in all docs/ subdirectories that have
milv.config.yaml.
docs-test: runs whitespace and links tests, used during `make docs`
* Document the new `--use-local-ssh-agent` flag for tsh
The flag is used to bypass the local SSH agent even when it's running.
Specifically, this helps with agents that don't support certs.
The flag was added in #3721
* Remove pam_script.so docs from SSH PAM page
With #3725 we now populate teleport-specific env vars in a way that's
accessible to `pam_exec.so`. There's no longer any reason to install
pam_script.so separately and duplicate our docs.
Updates #3692
* Using the correct --insecure-no-tls flag
* Run docs-fix-whitespace make rule in a busybox container
* Fixes#3414
Co-authored-by: Andrew Lytvynov <andrew@gravitational.com>
Co-authored-by: Gus Luxton <gus@gravitational.com>
Co-authored-by: Steven Martin <steven@gravitational.com>
Co-authored-by: Gus Luxton <webvictim@gmail.com>
With #3725 we now populate teleport-specific env vars in a way that's
accessible to `pam_exec.so`. There's no longer any reason to install
pam_script.so separately and duplicate our docs.
Updates #3692
Automatic creation of the data folder in teleport does the right thing -
only make it accessible to owner. All other scripts and docs should do
the same.
Updates #3701
* [docs] Add links to examples directory in Github repo.
* PR Feedback.
- Updated the Quick Start guide to link to the Production Guide instead.
Co-authored-by: Ben Arent <ben@gravitational.com>
Adding following principals:
- `localhost`
- `127.0.0.1`
- `::1`
With these, `tsh` (both `ssh` and `join`) works with a local proxy
without any SSH handshake errors.
Removed the warning from quickstart docs, but keeping `--proxy=grav-00`
since that implies to the reader that proxy is usually remote.
Fixes#2910
- consistently use "certificate" instead of "public key"
- make diagram in "local users" section match the text (user "sandra"
doesn't have access to "grav-02")
- de-duplicate docs on session streaming between auth and proxy pages
Expanded instructions to include installing BCC within a Amazon 2 Linux. Moved some instruction steps for flow since amazon 2 linux doesn't require building the bcc tools.
* Correct Msft azure ad link in docs
MSFT AzureAD link wasn't properly formatted to produce a browser. fixed
* Warning tip on federation document was not in the styling format to render correctly. Fixed.
Co-authored-by: Ben Arent <ben@gravitational.com>
The URL provided in the documentation for the tarball's checksum was
missing a `-`, and resulted in a 404 when actually trying to run the
`curl`. This adds the missing `-` so that the `curl` call will succeed
as expected.
Co-authored-by: Ben Arent <ben@gravitational.com>
* Updating gsuite ssh instructions
showing using the client id
* Changed display to match api scopes
* Update gsuite api images
* Updated gsuite instructions
Update to use the client id instead of the email of the service account for Gsuite api permissions
It's not obvious from the current wording that you are **either** running `tsh ssh` or `kubectl` - it makes it look like you first need to SSH to a node, _then_ run `kubectl`. Trying to clear that up.
Co-authored-by: Ben Arent <ben@gravitational.com>