RE: Creating users "on - the - fly"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Just jumping in, from following the discussion...

So store the public key as an attribute in the LDAP database?

-----Original Message-----
From: openssh-unix-dev [mailto:openssh-unix-dev-bounces+scott_n=xypro.com@xxxxxxxxxxx] On Behalf Of Daniel Kahn Gillmor
Sent: Friday, February 06, 2015 10:48 AM
To: Cary FitzHugh
Cc: openssh-unix-dev@xxxxxxxxxxx
Subject: Re: Creating users "on - the - fly"

On Fri 2015-02-06 13:10:10 -0500, Cary FitzHugh wrote:
> I guess I didn't want to litter the users table either - it just seems 
> "wrong" to be actually adding things to the host when it is really so 
> transient.  It feels like it should be LDAP-ish.  Just ask the server 
> for the keys and do a one-off authentication.  But I've seen even LDAP 
> creates the user directories.

you can use libnss-ldap to have a dynamic user table pulled from LDAP, if that's what you want.  You don't need to touch any local file on the host if you just want to look up your users over the network.

Or you can write your own name service switch extension that does the same.  for GNU systems, see:

https://www.gnu.org/software/libc/manual/html_node/Name-Service-Switch.html

     --dkg
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux