search for: authorizedpincipalscommanduser

Displaying 2 results from an estimated 2 matches for "authorizedpincipalscommanduser".

2019 Mar 07
2
Dynamically allow users with OpenSSH?
...ren't the authorized keys/principals commands sufficient? > > $ getent group maybe-allow-these-users > maybe-allow-these-users:x:111:user1,user2,user3,user4,user5... > > Match Group maybe-allow-these-users > AuthorizedPrincipalsCommand /etc/ssh/allow_if_running_job %u > AuthorizedPincipalsCommandUser nobody > > $ cat /etc/ssh/allow_if_running_job > #!/bin/sh > ps auxgw | grep $1 && echo $1 > > the AuthorizedKeysCommand could look like > > $ cat /etc/ssh/allow_if_running_job > #!/bin/sh > ps auxgw | grep $1 && cat /home/$1/.ssh/authorized_keys > &...
2019 Mar 06
3
Dynamically allow users with OpenSSH?
Hello, how can I dynamically allow or disallow users with OpenSSH? I have some nodes that users can submit jobs to, and can optionally be handed a session to the requested node. But I want to prevent them from SSH-ing in to nodes unless they have a job running on that node. My idea was to implement libssh's callback abilities and have a script that checks the username against jobs running on