Skip to content

Rendezvous server configuration

Create a custom low-privilege user on the rendezvous server. Here we'll assume the username debugci. Restrict what the user can do via SSH. Add this to your SSH server configuration.

# /etc/ssh/sshd_config
Match User debugci
  AcceptEnv no
  AllowAgentForwarding no
  AllowStreamLocalForwarding no
  AllowTcpForwarding remote
  AuthenticationMethods publickey
  ForceCommand tail -f /dev/null
  PermitTTY no
  X11Forwarding no