Project Description

SSH key distribution solution that is in comply with POSIX LDAP requirements and UserDB usernames. The existing LDAP service will be used for the distribution of the SSH keys.

Goal for this Hackweek

Build up the solution as PoC for SSH key distribution that meets requirements for UserDB usernames.

Step by step guide: 1. Backup the existing slapd.conf (on all of the servers), backup LDAP data. 2. Copy the public keys from the mounted user directories locally and sort them by usernames. 3. Configure SSSD by adding required attributes. 4. As it is not a good practice to modify existing schema, will add a new one. 5. SSHD configuration to point to ssssshauthorizedkeys 6. Test client server and check it's configuration

Out of scope

Server side implementation of the privacyIDEA endpoints.

Resources

Looking for hackers with the skills:

ssh key-distribution privacyidea pam packaging

This project is part of:

Hack Week 23

Activity

  • 7 months ago: kstaneva joined this project.
  • 8 months ago: uncomfyhalomacro liked this project.
  • 8 months ago: mkoci joined this project.
  • 8 months ago: thavel joined this project.
  • 8 months ago: vgrinco started this project.
  • 8 months ago: vgrinco added keyword "ssh" to this project.
  • 8 months ago: vgrinco added keyword "key-distribution" to this project.
  • 8 months ago: vgrinco added keyword "privacyidea" to this project.
  • 8 months ago: vgrinco added keyword "pam" to this project.
  • 8 months ago: vgrinco added keyword "packaging" to this project.
  • 8 months ago: vgrinco originated this project.

  • Comments

    Be the first to comment!

    Similar Projects

    Nodes Overview by lrangasamy

    [comment]: # (Please use the project descriptio...


    openSUSE on ZoL from OpenZFS project by jkohoutek

    Idea is to have SUSE system with OpenZFS as roo...


    A set of utilities to produce a "from scratch" OCI/Docker container using Opensuse/SLE rpms by ldragon

    [comment]: # (Please use the project descriptio...


    LSP server for SPEC files by mcepl

    Has anybody ever heard about RPM Spec LSP serve...


    Update Haskell ecosystem in Tumbleweed to GHC-9.6.x by psimons

    [comment]: # (Please use the project descriptio...