Edit two guides for Cloud users #11419
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
from
53df07e to
05e59f4
Compare
ulysseskan
reviewed
Mar 25, 2022
ulysseskan
reviewed
Mar 25, 2022
ulysseskan
approved these changes
Mar 25, 2022
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
3 times, most recently
from
11597aa to
73aed09
Compare
zmb3
reviewed
Apr 1, 2022
| @@ -4,19 +4,22 @@ description: How to configure Teleport SSH with PAM (Pluggable Authentication Mo | |||
| h1: Pluggable Authentication Modules (PAM) | |||
| --- | |||
|
|
|||
| Teleport's node service can be configured to integrate with [PAM](https://en.wikipedia.org/wiki/Linux_PAM). | |||
| Teleport's Node Service can be configured to integrate with | |||
There was a problem hiding this comment.
Should we say SSH Service instead of Node Service?
| title: Using TSH | ||
| description: Using TSH command line tool | ||
| h1: TSH command line tool | ||
| title: Using the TSH Command Line Tool |
There was a problem hiding this comment.
tsh is not an acronym, I don't think we should capitalize it like this.
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
from
73aed09 to
1d5a391
Compare
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
3 times, most recently
from
0929c0d to
37b0197
Compare
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
from
37b0197 to
026ee3c
Compare
zmb3
approved these changes
Apr 15, 2022
PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits
ptgott
force-pushed
the
paul.gottschling/10634-2
branch
from
026ee3c to
c3bd020
Compare
ptgott
added a commit
that referenced
this pull request
Apr 20, 2022
Backports #11419 * Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback Clarify two guides and two intro pages Backports #11913 * Clarify two guides and two intro pages See #11841 Make the Adding Nodes guide more usable for Cloud - Add a ca_pin preset - Clarify that tctl must be run on the local machine for Cloud users - Structure the guide as a step-by-step tutorial. The guide already included sequences of sample commands, so all this took was to rename headings according to the "Step n/d." format and move the CA pinning section into the section on starting the Node. - Add environment variables to use for storing a CA pin and invite token to sample commands, plus piped commands to extract these strings from the output of tctl commands. - Use a ScopedBlock to hide the Node Tunneling section for Cloud users - Indicate that the --auth-server flag in "teleport start" requires a port. Add intros to the Admin and Operations menu pages - Clarify the purpose of the Admin Guides and Operations sections by adding an intro paragraph to each page. Since these sections are similar in scope, I added links from one to the other with statements about how the two sections differ. - Replace lists of links with Tiles. GitHub SSO - Move the step to create an OAuth app out of the Prerequisites and into its own step. This makes it easier to give the instructions to use a specific callback URL proper space. - Be more explicit about the rp_ip value. - Add explicit instructions for logging in to the cluster after creating the auth preference, including screenshots of expected results. * Fix wording and linter issues following PR review * Respond to PR feedback Remove a misleading instruction re: CA pinning. Also move some text about CA pinning to a more appropriate location. Edit four Access Controls pages for Cloud users Backports #11826 * Edit four Access Controls pages for Cloud users See #10638 Access Controls Getting Started guide - Add a tabbed Prerequisites section for users of different scopes - Use a ScopedBlock to show OIDC and SAML instructions as Tabs for commercial Teleport users and GitHub instructions for OSS Teleport users - Light style/grammar/clarity edits Role Templates - Tabbed Prerequisites section for different scopes - Adjust the visibility of minor details using ScopedBlocks Locking - Add a scoped Tabs component to the Prerequisites section - Add a ScopedBlock to hide CLI- and config file-specific instructions from Cloud users. WebAuthn - Add scoped Tabs to the Prerequisites section - Move Tabs with TabItems for static configurations and dynamic resources into ScopedBlocks. This way, we don't have to show static configuration instructions to Cloud users. - Remove duplicate config field explanations. - Minor style/grammar edits * Respond to PR feedback - Change verbiage re: belonging to a role - Remove U2F migration section
ptgott
added a commit
that referenced
this pull request
Apr 20, 2022
Edit two guides for Cloud users Backports #11419 * Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback Clarify two guides and two intro pages Backports #11913 * Clarify two guides and two intro pages See #11841 Make the Adding Nodes guide more usable for Cloud - Add a ca_pin preset - Clarify that tctl must be run on the local machine for Cloud users - Structure the guide as a step-by-step tutorial. The guide already included sequences of sample commands, so all this took was to rename headings according to the "Step n/d." format and move the CA pinning section into the section on starting the Node. - Add environment variables to use for storing a CA pin and invite token to sample commands, plus piped commands to extract these strings from the output of tctl commands. - Use a ScopedBlock to hide the Node Tunneling section for Cloud users - Indicate that the --auth-server flag in "teleport start" requires a port. Add intros to the Admin and Operations menu pages - Clarify the purpose of the Admin Guides and Operations sections by adding an intro paragraph to each page. Since these sections are similar in scope, I added links from one to the other with statements about how the two sections differ. - Replace lists of links with Tiles. GitHub SSO - Move the step to create an OAuth app out of the Prerequisites and into its own step. This makes it easier to give the instructions to use a specific callback URL proper space. - Be more explicit about the rp_ip value. - Add explicit instructions for logging in to the cluster after creating the auth preference, including screenshots of expected results. * Fix wording and linter issues following PR review * Respond to PR feedback Remove a misleading instruction re: CA pinning. Also move some text about CA pinning to a more appropriate location. Edit four Access Controls pages for Cloud users Backports #11826 * Edit four Access Controls pages for Cloud users See #10638 Access Controls Getting Started guide - Add a tabbed Prerequisites section for users of different scopes - Use a ScopedBlock to show OIDC and SAML instructions as Tabs for commercial Teleport users and GitHub instructions for OSS Teleport users - Light style/grammar/clarity edits Role Templates - Tabbed Prerequisites section for different scopes - Adjust the visibility of minor details using ScopedBlocks Locking - Add a scoped Tabs component to the Prerequisites section - Add a ScopedBlock to hide CLI- and config file-specific instructions from Cloud users. WebAuthn - Add scoped Tabs to the Prerequisites section - Move Tabs with TabItems for static configurations and dynamic resources into ScopedBlocks. This way, we don't have to show static configuration instructions to Cloud users. - Remove duplicate config field explanations. - Minor style/grammar edits * Respond to PR feedback - Change verbiage re: belonging to a role - Remove U2F migration section
ptgott
added a commit
that referenced
this pull request
Apr 21, 2022
Edit two guides for Cloud users Backports #11419 * Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback Clarify two guides and two intro pages Backports #11913 * Clarify two guides and two intro pages See #11841 Make the Adding Nodes guide more usable for Cloud - Add a ca_pin preset - Clarify that tctl must be run on the local machine for Cloud users - Structure the guide as a step-by-step tutorial. The guide already included sequences of sample commands, so all this took was to rename headings according to the "Step n/d." format and move the CA pinning section into the section on starting the Node. - Add environment variables to use for storing a CA pin and invite token to sample commands, plus piped commands to extract these strings from the output of tctl commands. - Use a ScopedBlock to hide the Node Tunneling section for Cloud users - Indicate that the --auth-server flag in "teleport start" requires a port. Add intros to the Admin and Operations menu pages - Clarify the purpose of the Admin Guides and Operations sections by adding an intro paragraph to each page. Since these sections are similar in scope, I added links from one to the other with statements about how the two sections differ. - Replace lists of links with Tiles. GitHub SSO - Move the step to create an OAuth app out of the Prerequisites and into its own step. This makes it easier to give the instructions to use a specific callback URL proper space. - Be more explicit about the rp_ip value. - Add explicit instructions for logging in to the cluster after creating the auth preference, including screenshots of expected results. * Fix wording and linter issues following PR review * Respond to PR feedback Remove a misleading instruction re: CA pinning. Also move some text about CA pinning to a more appropriate location. Edit four Access Controls pages for Cloud users Backports #11826 * Edit four Access Controls pages for Cloud users See #10638 Access Controls Getting Started guide - Add a tabbed Prerequisites section for users of different scopes - Use a ScopedBlock to show OIDC and SAML instructions as Tabs for commercial Teleport users and GitHub instructions for OSS Teleport users - Light style/grammar/clarity edits Role Templates - Tabbed Prerequisites section for different scopes - Adjust the visibility of minor details using ScopedBlocks Locking - Add a scoped Tabs component to the Prerequisites section - Add a ScopedBlock to hide CLI- and config file-specific instructions from Cloud users. WebAuthn - Add scoped Tabs to the Prerequisites section - Move Tabs with TabItems for static configurations and dynamic resources into ScopedBlocks. This way, we don't have to show static configuration instructions to Cloud users. - Remove duplicate config field explanations. - Minor style/grammar edits * Respond to PR feedback - Change verbiage re: belonging to a role - Remove U2F migration section
ptgott
added a commit
that referenced
this pull request
Apr 21, 2022
Backports #11419 * Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback Clarify two guides and two intro pages Backports #11913 * Clarify two guides and two intro pages See #11841 Make the Adding Nodes guide more usable for Cloud - Add a ca_pin preset - Clarify that tctl must be run on the local machine for Cloud users - Structure the guide as a step-by-step tutorial. The guide already included sequences of sample commands, so all this took was to rename headings according to the "Step n/d." format and move the CA pinning section into the section on starting the Node. - Add environment variables to use for storing a CA pin and invite token to sample commands, plus piped commands to extract these strings from the output of tctl commands. - Use a ScopedBlock to hide the Node Tunneling section for Cloud users - Indicate that the --auth-server flag in "teleport start" requires a port. Add intros to the Admin and Operations menu pages - Clarify the purpose of the Admin Guides and Operations sections by adding an intro paragraph to each page. Since these sections are similar in scope, I added links from one to the other with statements about how the two sections differ. - Replace lists of links with Tiles. GitHub SSO - Move the step to create an OAuth app out of the Prerequisites and into its own step. This makes it easier to give the instructions to use a specific callback URL proper space. - Be more explicit about the rp_ip value. - Add explicit instructions for logging in to the cluster after creating the auth preference, including screenshots of expected results. * Fix wording and linter issues following PR review * Respond to PR feedback Remove a misleading instruction re: CA pinning. Also move some text about CA pinning to a more appropriate location. Edit four Access Controls pages for Cloud users Backports #11826 * Edit four Access Controls pages for Cloud users See #10638 Access Controls Getting Started guide - Add a tabbed Prerequisites section for users of different scopes - Use a ScopedBlock to show OIDC and SAML instructions as Tabs for commercial Teleport users and GitHub instructions for OSS Teleport users - Light style/grammar/clarity edits Role Templates - Tabbed Prerequisites section for different scopes - Adjust the visibility of minor details using ScopedBlocks Locking - Add a scoped Tabs component to the Prerequisites section - Add a ScopedBlock to hide CLI- and config file-specific instructions from Cloud users. WebAuthn - Add scoped Tabs to the Prerequisites section - Move Tabs with TabItems for static configurations and dynamic resources into ScopedBlocks. This way, we don't have to show static configuration instructions to Cloud users. - Remove duplicate config field explanations. - Minor style/grammar edits * Respond to PR feedback - Change verbiage re: belonging to a role - Remove U2F migration section
ptgott
added a commit
that referenced
this pull request
Apr 21, 2022
Edit two guides for Cloud users Backports #11419 * Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback Clarify two guides and two intro pages Backports #11913 * Clarify two guides and two intro pages See #11841 Make the Adding Nodes guide more usable for Cloud - Add a ca_pin preset - Clarify that tctl must be run on the local machine for Cloud users - Structure the guide as a step-by-step tutorial. The guide already included sequences of sample commands, so all this took was to rename headings according to the "Step n/d." format and move the CA pinning section into the section on starting the Node. - Add environment variables to use for storing a CA pin and invite token to sample commands, plus piped commands to extract these strings from the output of tctl commands. - Use a ScopedBlock to hide the Node Tunneling section for Cloud users - Indicate that the --auth-server flag in "teleport start" requires a port. Add intros to the Admin and Operations menu pages - Clarify the purpose of the Admin Guides and Operations sections by adding an intro paragraph to each page. Since these sections are similar in scope, I added links from one to the other with statements about how the two sections differ. - Replace lists of links with Tiles. GitHub SSO - Move the step to create an OAuth app out of the Prerequisites and into its own step. This makes it easier to give the instructions to use a specific callback URL proper space. - Be more explicit about the rp_ip value. - Add explicit instructions for logging in to the cluster after creating the auth preference, including screenshots of expected results. * Fix wording and linter issues following PR review * Respond to PR feedback Remove a misleading instruction re: CA pinning. Also move some text about CA pinning to a more appropriate location. Edit four Access Controls pages for Cloud users Backports #11826 * Edit four Access Controls pages for Cloud users See #10638 Access Controls Getting Started guide - Add a tabbed Prerequisites section for users of different scopes - Use a ScopedBlock to show OIDC and SAML instructions as Tabs for commercial Teleport users and GitHub instructions for OSS Teleport users - Light style/grammar/clarity edits Role Templates - Tabbed Prerequisites section for different scopes - Adjust the visibility of minor details using ScopedBlocks Locking - Add a scoped Tabs component to the Prerequisites section - Add a ScopedBlock to hide CLI- and config file-specific instructions from Cloud users. WebAuthn - Add scoped Tabs to the Prerequisites section - Move Tabs with TabItems for static configurations and dynamic resources into ScopedBlocks. This way, we don't have to show static configuration instructions to Cloud users. - Remove duplicate config field explanations. - Minor style/grammar edits * Respond to PR feedback - Change verbiage re: belonging to a role - Remove U2F migration section
ptgott
added a commit
that referenced
this pull request
Apr 21, 2022
* Edit two guides for Cloud users PAM guide - Minor style/clarity/grammar edits - Use a ScopedBlock to hide Cloud-irrelevant information in the MOTD section - The organization of the original guide was a bit scrambled, so I attempted to reorganize it into a form that made more sense. Tsh guide - Use ScopedBlocks to provide scope-relevant information. - Mention Machine ID in the "### SSH certificates for automation" section. - Misc grammar/clarity/style edits * Respond to PR feedback
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PAM guide
section
attempted to reorganize it into a form that made more sense.
Tsh guide
Use ScopedBlocks to provide scope-relevant information.
Mention Machine ID in the "### SSH certificates for automation"
section.
Misc grammar/clarity/style edits