Hi, We are planning to roll out FreeIPA for our AWS infrastructure to be the central authentication service. Initially we plan to use the SSH publi keys, user and group management by FreeIPA. We are looking at rolling out the SSS on clients a little later.
Two questions. 1. We need to be able to ensure that a user is limited only 2-3 SSH keys. 2. We need some way of forcing these key rotation once in say 90 days. In our existing setup we use a SSH CA based authentication. It has its own issues. But the rotation is handled by cert expiry every 90 days. Any suggestions/help would be appreciated. Thanks in advance. --Prashant
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel