RE: OpenSSH - Central repository for "Match" rules

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Except you'd need to cycle SSHD to pickup any changes/updates.
________________________________
From: Damien Miller <djm@xxxxxxxxxxx>
Sent: Wednesday, June 12, 2024 9:28 PM
To: SCOTT FIELDS <Scott.Fields@xxxxxxxxxxx>
Cc: openssh-unix-dev@xxxxxxxxxxx <openssh-unix-dev@xxxxxxxxxxx>
Subject: [EXTERNAL] Re: OpenSSH - Central repository for "Match" rules

On Tue, 11 Jun 2024, SCOTT FIELDS wrote:

> I'm not seeing if this has been asked in the past.
>
> Has there been discussion about implementing facilities with OpenSSH
> for having it pull "Match" rules from a central repository, namely
> LDAP or a RESTAPI service?

You could probably hack something together using the exising ssh_config
"Match exec" and "Include" directives here. E.g.

Match !final exec "~/bin/download-config-ephemeral"
Match any
        Include ~/.ssh/config-ephemeral

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux