I don't see a way to do this currently (unless I am missing something)
but I would like to be able to specify that in order for a user to
log in, they need to use at least 1 public key from 2 separate key
sources. Specifically this would be when using "AuthenticationMethods
publickey,publickey". Right now requiring 2 public keys for
authentication will allow 2 public keys from any authorized key source
specified without distinction. I would like a way to say, require 1 key
from source A and 1 key from source B.
Like if there was a way to specify something like this for example:
AuthenticationMethods publickey[1],publickey[2]
AuthorizedKeysCommand[1] <source_a_command_script>
AuthorizedKeysCommand[2] <source_b_command_script>
and the same for AuthorizedKeysFile (for our needs multiple commands
would be fine, but might as well support it for both)
Let me also give an example of why I am interested in this, for
context. We would like to associate two different types of public keys
with each user's account. One would be a "client machine" public key
(of which there could be several, if the user is allowed to log in from
multiple systems) and the other would be a public key from a user token,
such as a smartcard (we don't want 2 "client machine" public keys to be
able to be combined to bypass the user's token login). A (poor)
workaround is to use the same private key on all of the user's machines
but I would prefer not to do this, both in general for security reasons
and also so that if a user's machine is lost, stolen or we just want to
deauthorize it, the pubkey for that machine can be removed from the
database.
Anyway, I don't see a way to do this currently so I thought I would
throw it out there as a potential future enhancement. Or please
enlighten me if there is some magic way to do this that I am missing ;-)
Thanks,
Jim
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
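The gap described in the post, as an added model that is not part of the original message and not OpenSSH code: a small Python simulation of how "AuthenticationMethods publickey,publickey" is satisfied today (any two distinct authorized keys, regardless of which AuthorizedKeysCommand or AuthorizedKeysFile listed them) next to the per-source rule the post asks for (at least one key from each named source). The user name, source names and key strings are constructed stand-ins, and the model assumes, as the post does, that sshd counts only distinct keys toward the two publickey steps.

```python
"""Model of 'AuthenticationMethods publickey,publickey' evaluation.

Constructed example: the user, source names and key strings are made up,
and the functions reproduce the behaviour described in the post rather
than sshd's actual implementation.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AuthorizedKey:
    source: str   # which AuthorizedKeysCommand / AuthorizedKeysFile listed the key
    pubkey: str   # constructed stand-in for the public key blob


# Two key sources as in the post: per-machine keys and one token (smartcard) key.
AUTHORIZED = {
    "jim": [
        AuthorizedKey("machine", "ssh-ed25519 AAAA...laptop"),
        AuthorizedKey("machine", "ssh-ed25519 AAAA...desktop"),
        AuthorizedKey("token", "ecdsa-sha2-nistp256 AAAA...smartcard"),
    ]
}


def current_rule(user, presented, required=2):
    """Today's semantics (as the post describes them): each publickey step
    needs an authorized key, and a key cannot be reused for a second step,
    but the source that listed the key is never considered."""
    authorized = {k.pubkey for k in AUTHORIZED.get(user, [])}
    distinct_accepted = {p for p in presented if p in authorized}
    return len(distinct_accepted) >= required


def per_source_rule(user, presented, required_sources=("machine", "token")):
    """Proposed semantics: at least one accepted key from every named source,
    so two machine keys alone can no longer stand in for the token."""
    source_of = {k.pubkey: k.source for k in AUTHORIZED.get(user, [])}
    sources_hit = {source_of[p] for p in presented if p in source_of}
    return all(s in sources_hit for s in required_sources)


def revoke(user, pubkey):
    """Drop one key (e.g. a lost laptop) without touching the others; this is
    the per-machine revocation the post wants to keep."""
    AUTHORIZED[user] = [k for k in AUTHORIZED.get(user, []) if k.pubkey != pubkey]


if __name__ == "__main__":
    two_machines = ["ssh-ed25519 AAAA...laptop", "ssh-ed25519 AAAA...desktop"]
    machine_and_token = ["ssh-ed25519 AAAA...laptop",
                         "ecdsa-sha2-nistp256 AAAA...smartcard"]
    print("two machine keys, current rule:   ", current_rule("jim", two_machines))
    print("two machine keys, per-source rule:", per_source_rule("jim", two_machines))
    print("machine + token, per-source rule: ", per_source_rule("jim", machine_and_token))
```

Running the module shows the point of the request directly: under the current rule the two machine keys log the user in without the token, while the per-source rule accepts only the machine-plus-token combination. The revoke helper illustrates why the "same private key everywhere" workaround is unattractive: with distinct per-machine keys a single lost machine can be removed from the database on its own.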