Skip to main content
Мы публикуем частые обновления нашей документации, и перевод этой страницы может все еще выполняться. Актуальные сведения см. в документации на английском языке.
В настоящее время GitHub AE находится в ограниченном выпуске.
All products
Административные руководители предприятия

Применение политик для параметров безопасности в вашем предприятии

В этой статье

Вы можете применять политики для управления параметрами безопасности в организациях предприятия или разрешить настройку политик в каждой организации.

Кто может использовать эту функцию

Enterprise owners can enforce policies for security settings in an enterprise.

About policies for security settings in your enterprise

You can enforce policies to control the security settings for organizations owned by your enterprise on GitHub AE. By default, organization owners can manage security settings.

Managing SSH certificate authorities for your enterprise

You can use a SSH certificate authorities (CA) to allow members of any organization owned by your enterprise to access that organization's repositories using SSH certificates you provide. You can require that members use SSH certificates to access organization resources, unless SSH is disabled in your repository. For more information, see "About SSH certificate authorities."

When you issue each client certificate, you must include an extension that specifies which GitHub AE user the certificate is for. For more information, see "About SSH certificate authorities."

Adding an SSH certificate authority

If you require SSH certificates for your enterprise, enterprise members should use a special URL for Git operations over SSH. For more information, see "About SSH certificate authorities."

Each certificate authority can only be uploaded to one account on GitHub.com. If an SSH certificate authority has been added to an organization or enterprise account, you cannot add the same certificate authority to another organization or enterprise account on GitHub.com.

  1. In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings.

    A screenshot of the drop-down menu that appears when you click the profile photo on GitHub Enterprise Server. The "Enterprise settings" option is highlighted in a dark orange outline.

  2. In the enterprise account sidebar, click Settings.

  3. Under Settings, click Authentication security.

  4. To the right of "SSH Certificate Authorities", click New CA.

  5. Under "Key," paste your public SSH key.

  6. Click Add CA.

  7. Optionally, to require members to use SSH certificates, select Require SSH Certificates, then click Save.

    Note: When you require SSH certificates, the requirement does not apply to authorized OAuth Apps and GitHub Apps or to GitHub features such as GitHub Actions, which are trusted environments within the GitHub ecosystem.

Deleting an SSH certificate authority

Deleting a CA cannot be undone. If you want to use the same CA in the future, you'll need to upload the CA again.

  1. In the top-right corner of GitHub AE, click your profile photo, then click Enterprise settings.

    A screenshot of the drop-down menu that appears when you click the profile photo on GitHub Enterprise Server. The "Enterprise settings" option is highlighted in a dark orange outline.

  2. In the enterprise account sidebar, click Settings.

  3. Under Settings, click Authentication security.

  4. Under "SSH Certificate Authorities", to the right of the CA you want to delete, click Delete.

  5. Read the warning, then click I understand, please delete this CA.

Further reading