SSH key distribution solution
a project by vgrinco
Updated almost 2 years ago. 1 hackers ♥️. 5 followers.

Project Description

SSH key distribution solution that is in comply with POSIX LDAP requirements and UserDB usernames. The existing LDAP service will be used for the distribution of the SSH keys.

Goal for this Hackweek

Build up the solution as PoC for SSH key distribution that meets requirements for UserDB usernames.

Step by step guide: 1. Backup the existing slapd.conf (on all of the servers), backup LDAP data. 2. Copy the public keys from the mounted user directories locally and sort them by usernames. 3. Configure SSSD by adding required attributes. 4. As it is not a good practice to modify existing schema, will add a new one. 5. SSHD configuration to point to ssssshauthorizedkeys 6. Test client server and check it's configuration

Out of scope

Server side implementation of the privacyIDEA endpoints.

Resources

Join this project

Looking for hackers with the skills:

ssh key-distribution privacyidea pam packaging

This project is part of:

Hack Week 23

Activity

  • about 2 years ago: kstaneva joined this project.
  • about 2 years ago: uncomfyhalomacro liked this project.
  • about 2 years ago: mkoci joined this project.
  • about 2 years ago: thavel joined this project.
  • about 2 years ago: vgrinco started this project.
  • about 2 years ago: vgrinco added keyword "ssh" to this project.
  • about 2 years ago: vgrinco added keyword "key-distribution" to this project.
  • about 2 years ago: vgrinco added keyword "privacyidea" to this project.
  • about 2 years ago: vgrinco added keyword "pam" to this project.
  • about 2 years ago: vgrinco added keyword "packaging" to this project.
  • about 2 years ago: vgrinco originated this project.


    • Comments

    Be the first to comment!

    Similar Projects

    (Finish) Implementing SSH in Zig by lmulling

    Description

    Following Zig's philosophy of reinventing the wheel -- for the better, a while ago I've started implementing the ssh protocol in it. I've got as far as implementing all of the primitives, keys, certs, and most of the agent protocol -- what I needed at the time. Now, the aim is to finish the implementation.

    Current implementation: git.sr.ht/~mulling/zssh

    Goals

    • Have a working implementation of the ssh protocol in Zig.
    • Be flexible, as to allow for hacking of the protocol (i.e. testing PQC algorithms).
    • Be agnostic of cryptography libraries (i.e. libcrypto, leancrypto).

    Resources

    GHC-9.14 and split Hadrian from GHC build by osukup

    Description

    Prepare openSUSE Tumbleweed project for new GHC Haskell compiler and separate builder (Hadrian) from GHC build

    Goals

    • have GHC-9.14 project with working compiler and if possible filled with packageset
    • have Hadrian in own package built with bootstrap compiler to separate Hadrian bootstrap from ghc bootstrap

    Resources

    devel:languages:haskell

    d:l:h:ghc-9.12.x

    opensuse Haskell rpm macros

    opensuse haskell package gen project