enhance: Improve SSH access docs and document Newt auth env vars#91
Open
LaurenceJJones wants to merge 2 commits intofosrl:mainfrom
Open
enhance: Improve SSH access docs and document Newt auth env vars#91LaurenceJJones wants to merge 2 commits intofosrl:mainfrom
LaurenceJJones wants to merge 2 commits intofosrl:mainfrom
Conversation
LaurenceJJones
commented
Apr 1, 2026
|
|
||
| <CardGroup cols={2}> | ||
| <Card title="Newt (site connector)" icon="plug" href="#option-1-newt-as-the-auth-daemon-same-host"> | ||
| <Card title="Newt Host" icon="plug" href="#configure-ssh-on-the-newt-host"> |
LaurenceJJones
commented
Apr 1, 2026
| Runs as a daemon and handles SSH for the host it runs on. Use this when the machine you want to SSH into is the same server running Newt. | ||
| </Card> | ||
| <Card title="Auth daemon" icon="server" href="#option-2-external-auth-daemon-ssh-on-another-server-that-doesn%E2%80%99t-run-newt"> | ||
| <Card title="Hosts Behind Newt" icon="server" href="#configure-ssh-on-hosts-behind-newt"> |
Member
Author
There was a problem hiding this comment.
Dont know about revert, since "auth daemon" doesnt really explain what these two mean?
LaurenceJJones
commented
Apr 1, 2026
|
|
||
| After the resource exists and access is granted, proceed with [Option 1](#option-1-newt-as-the-auth-daemon-same-host) or [Option 2](#option-2-external-auth-daemon-different-servers) below. | ||
| 1. Each SSH target gets its own **private resource**. | ||
| 2. That resource decides **how Pangolin reaches that host**. |
Member
Author
There was a problem hiding this comment.
maybe refactor "how pangolin reaches" should be "How clients will connect to host"
LaurenceJJones
commented
Apr 1, 2026
|
|
||
| Use this when you want to SSH into servers that **do not** run Newt. One host runs Newt (e.g. as a bastion); each target server runs the Pangolin auth daemon as an extension of Newt. The client connects to the target by going **through** Newt—Newt proxies the SSH connection to the auth daemon and SSH server on each target. | ||
|
|
||
| ```mermaid |
Member
Author
There was a problem hiding this comment.
lost this mermaid, revert this back
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Change ssh access documents to be a better flow between options instead of providing a simple 1,2 for each step.