I'm not seeing if this has been asked in the past. Has there been discussion about implementing facilities with OpenSSH for having it pull "Match" rules from a central repository, namely LDAP or a RESTAPI service? Scott Fields Kyndryl Senior Lead SRE ? BNSF
On Tue, 11 Jun 2024, SCOTT FIELDS wrote:> I'm not seeing if this has been asked in the past. > > Has there been discussion about implementing facilities with OpenSSH > for having it pull "Match" rules from a central repository, namely > LDAP or a RESTAPI service?You could probably hack something together using the exising ssh_config "Match exec" and "Include" directives here. E.g. Match !final exec "~/bin/download-config-ephemeral" Match any Include ~/.ssh/config-ephemeral
Apparently Analagous Threads
- OpenSSH - Central repository for "Match" rules
- OpenSSH - Central repository for "Match" rules
- OpenSSH - Central repository for "Match" rules
- How to determine which cipher was used to encrypt OpenSSH private keys
- How to determine which cipher was used to encrypt OpenSSH private keys