Displaying 1 result from an estimated 1 matches for "lpk_openldap".
2013 Jun 19
4
AuthorizedKeysCommand idea
...problem with it escapes
me. I'm looking for someone to tell me why this is a bad idea.
The new OpenSSH includes the AuthorizedKeysCommand, which was mostly
added to let people use a command to look up user keys in LDAP.
LDAP key lookup have some limitations -- specifically, the common
openssh-lpk_openldap schema won't let you add restrictions at the
front of the key. This didn't matter so much when the LPK patch was
such a pain, but now that OpenSSH can actually do this out of the box
I'd like to use it.
So:
What about using a SQLite database, copied to all machines, and a
simple sqlit...