On Tuesday, November 5, 2013, Andy Doan wrote: > I don't have access to these systems, so there's nothing I can really do. > Beyond this issue, I'd like to push hard once and for all on making SSH > access to all our systems very simple. LDAP/etc are a pain and don't "just > work". We created something at Linaro[1] that can run via cron that gives a > list of launchpad users and/or groups SSH access to a system based on their > LP public keys. As users are added/removed/modified, the script handles > everything. Each user has their own account and can optionally be > configured as a sudoer on a machine by machine basis[2]. > > Its dead-simple to setup and I can't think of a reason not to just start > moving each system over to this. Can we agree to start moving to this? >
Hi Andy, IS already has a system for managing credentials across all the machines in the data centre: userdir-ldap. Is there a specific concern you have with this approach? Rick and Larry were working on getting this deployed across all our systems. Thanks!
-- Mailing list: https://launchpad.net/~canonical-ci-engineering Post to : [email protected] Unsubscribe : https://launchpad.net/~canonical-ci-engineering More help : https://help.launchpad.net/ListHelp
