On Thu, Aug 04, 2016 at 05:01:00PM +0200, Tiemen Ruiten wrote: > > Currently it is possible to add multiple SSH-keys for a single user in > FreeIPA. We are using this capability to grant access to multiple > contractors under a single user (so user company1, with keys A, B, C to > give access to three persons at company1). > > Unfortunately it's not possible to label these keys, so to ensure that we > can revoke access for eg. person B later on, we have to administrate this > separately. Would it be possible to add this as a feature? Or if it already > exists, could someone explain to me how to do it?
By label, do you mean an admin-friendly string for the key to make sure you remove the correct key? For ssh-rsa keys, after the second space there is a place for comments and FreeIPA's WebUI will show it when listing the keys. Would that work for you or do you need something else? -- Jan Pazdziora Senior Principal Software Engineer, Identity Management Engineering, Red Hat -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
