Merge pull request #1688 from cdr/fix-typos

Improve clarity in guide and fix typo in FAQ
This commit is contained in:
Anmol Sethi 2020-05-19 18:20:06 -04:00 committed by GitHub
commit 078571d267
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 5 deletions

View File

@ -108,7 +108,7 @@ only to HTTP requests.
You can use [Let's Encrypt](https://letsencrypt.org/) to get an SSL certificate
for free.
Again, Please follow [./guide.md](./guide.md) for our recommendations on setting up and using code-server.
Again, please follow [./guide.md](./guide.md) for our recommendations on setting up and using code-server.
## How do I securely access web services?

View File

@ -94,11 +94,13 @@ systemctl --user enable --now code-server
**Never**, **ever** expose `code-server` directly to the internet without some form of authentication
and encryption as someone can completely takeover your machine with the terminal.
There are several approaches to securely operating and exposing code-server.
By default, code-server will enable password authentication which will
require you to copy the password from the code-server config file to login. You
can also set a custom password with `$PASSWORD`.
require you to copy the password from the code-server config file to login. Since it
cannot use TLS by default, it will listen on `localhost` to avoid exposing itself
to the world. This is fine for testing but will not work if you want to access `code-server`
from a different machine.
There are several approaches to securely operating and exposing code-server.
**tip**: You can list the full set of code-server options with `code-server --help`