On Thu, Aug 04, 2016 at 05:01:00PM +0200, Tiemen Ruiten wrote:
> Currently it is possible to add multiple SSH-keys for a single user in
> FreeIPA. We are using this capability to grant access to multiple
> contractors under a single user (so user company1, with keys A, B, C to
> give access to three persons at company1).
> Unfortunately it's not possible to label these keys, so to ensure that we
> can revoke access for eg. person B later on, we have to administrate this
> separately. Would it be possible to add this as a feature? Or if it already
> exists, could someone explain to me how to do it?
By label, do you mean an admin-friendly string for the key to make
sure you remove the correct key?
For ssh-rsa keys, after the second space there is a place for comments
and FreeIPA's WebUI will show it when listing the keys. Would that
work for you or do you need something else?
Senior Principal Software Engineer, Identity Management Engineering, Red Hat
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project