From df3ab57449dbc9f7bf5d30e82629c5d0eb065f0b Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Tue, 19 Apr 2016 21:54:34 +0100
Subject: [PATCH] Set permissions to match ssh-keygen default

Add `use_tls` option and another `additional_principal`
---
 exampleconfig.json | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/exampleconfig.json b/exampleconfig.json
index 97d3af52..0007ffed 100644
--- a/exampleconfig.json
+++ b/exampleconfig.json
@@ -1,5 +1,6 @@
 {
   "server": {
+    "use_tls": true,
     "tls_key": "server.key",
     "tls_cert": "server.crt",
     "port": 443,
@@ -17,8 +18,8 @@
   },
   "ssh": {
     "signing_key": "signing_key",
-    "additional_principals": ["ec2-user"],
+    "additional_principals": ["ec2-user", "ubuntu"],
     "max_age": "720h",
-    "permissions": ["permit-pty"]
+    "permissions": ["permit-pty", "permit-X11-forwarding", "permit-agent-forwarding", "permit-port-forwarding", "permit-user-rc"]
   }
 }
-- 
GitLab