You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
User would like to be able to allow a specific group of users on the tailnet SSH access. The users are defined as under a specific domain, however, they have a GitHub org tailnet and are unable to use localpart:*@<domain> because it is a shared domain.
Error: [ssh] symphonyfs.org.github is a shared domain and cannot be used in user:*@<domain> expressions
How should we solve this?
Something like autogroup:self, or a representation of self as the user.
What is the impact of not solving this?
The option left is to use autogroup:nonroot. This allows users to login to any machine as any user, and doesn't specify access based on the user's domain/username.
Anything else?
No response
The text was updated successfully, but these errors were encountered:
What are you trying to do?
User would like to be able to allow a specific group of users on the tailnet SSH access. The users are defined as under a specific domain, however, they have a GitHub org tailnet and are unable to use
localpart:*@<domain>
because it is a shared domain.Example:
Error:
[ssh] symphonyfs.org.github is a shared domain and cannot be used in user:*@<domain> expressions
How should we solve this?
Something like
autogroup:self
, or a representation ofself
as the user.What is the impact of not solving this?
The option left is to use
autogroup:nonroot
. This allows users to login to any machine as any user, and doesn't specify access based on the user's domain/username.Anything else?
No response
The text was updated successfully, but these errors were encountered: