On 2018-08-21T06:21, Stef Bon <stefbon@xxxxxxxxx> wrote: > Op di 21 aug. 2018 om 06:04 schreef Stef Bon <stefbon@xxxxxxxxx>: > > > > Hi, > > > > I'm looking for a procedure (on paper first) to provide users on hosts > > session keys to login to servers providing services like file, print > > or even access to internet or a sql db. > > > > The first step is that user has to authenticate on the local host via > > password. Paswword and usernames are centrally managed via ldap (or > > simular). > > > > The second step is that the user on host logs in to the CA server, > > using it's password, it's private key and the hostkey. > > The user dos not do that, the localhost computer does this behind the scenes. Sounds like you are reinventing Kerberos. Ciao, Alexander Wuerstlein. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev