Skip to content

support for hardware generated certificates (MFA) using config.cfg #1763

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sandys opened this issue Mar 27, 2020 · 0 comments
Open

support for hardware generated certificates (MFA) using config.cfg #1763

sandys opened this issue Mar 27, 2020 · 0 comments

Comments

@sandys
Copy link

sandys commented Mar 27, 2020

hi,
Also want to link to an earlier request that was closed - #996

hardware keys like the epass2003 is very popular for ssh - e.g https://sigg-iten.ch/learningbits/2014/11/13/first-steps-with-the-feitian-epass2003-smart-token-in-os-x/

we generate a public/private keypair on the hardware and then copy the public key to the remote server.
Is this possible to do with algo - the only change needed is that instead of the script generating ssh keys, it will read a public key from a config file and add them to the deployed server (both when creating new or when update-users).
In fact the config.cfg users section can be enhanced to take optional user <-> public key mapping.
@sandys sandys changed the title support for hardware generated certificates (MFA) support for hardware generated certificates (MFA) using config.cfg Mar 27, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sandys