Feature #67
open
Feature #46: add ssh-token support for authentication with OTPme daemons
Implement deployment of SSH public keys
Added by The 2nd almost 9 years ago.
Updated over 8 years ago.
Start date:
18 December 2015
Description
- OTPme hostd/noded should deploy SSH public keys of tokens assigend to their host
- We may use openssh's AuthorizedKeysCommand for this
- Status changed from Neu to In Bearbeitung
- % Done changed from 0 to 80
This feature is implemented now as follows:
- SSH tokens can be assigned to roles, accessgroups, nodes, hosts and groups
- Key options (e.g. command) can be configured when assigning a token
- Each node/host requests the list with assigned SSH keys in an configurable interval from the master node
- OTPme can be configured to require a valid signature (e.g. from an admin) for each SSH key
- Policies like "autodisable" and "logintimes" are honored on client side to make them work without connection to the master node
Also available in: Atom
PDF