On ma, 19 joulu 2016, Oucema Bellagha wrote:
I'm looking for an option - eventually to extend standard ssh - in such
a way that I need (at least) two people/keys out of m possible to
authenticate a session instead of one out of m known once...
e.g:
to authenticate to server X : I need two people A and (B or C) together.
anyone seen this or know how to do?
I know there is key + password (which is kind of this direction) but
not exactly what I'm looking for...
You can use the very same directive AuthenticationMethods to ask for
multiple keys too.
AuthenticationMethods "publickey,publickey,publickey"
would require three different public keys to authenticate.
However, there is nothing in SSH protocol that would enforce different
people to be involved at the client side.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
