[Bug 57752] New: fetch ssh authorized_keys via LDAP

bugzilla-daemon Fri, 29 Nov 2013 08:46:36 -0800

https://bugzilla.wikimedia.org/show_bug.cgi?id=57752


       Web browser: ---
            Bug ID: 57752
           Summary: fetch ssh authorized_keys via LDAP
           Product: Wikimedia Labs
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: Unprioritized
         Component: Infrastructure
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected], [email protected]
    Classification: Unclassified
   Mobile Platform: ---

The ssh public keys of users are retrieved from a NFS share /public/keys using
in sshd_config:

 AuthorizedKeysFile    /etc/ssh/userkeys/%u/.ssh/authorized_keys

The OpenSSH in Ubuntu saucy supports a new command AuthorizedKeysCommand which
would let us retrieve the public keys directly from LDAP.

Ubuntu bug:
 https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/911747

Example configuration:

 AuthorizedKeysCommand "/usr/libexec/openssh/ssh-pubkey-helper -s %u"



We can't really deploy that on our labs instance right now since they are using
Precise. So I am logging this bug for later on.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 57752] New: fetch ssh authorized_keys via LDAP

Reply via email to