[Bug 1927] New: authorized_credentials (aka authorized_keys for GSSAPI-MIC)
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Aug 22 09:59:40 EST 2011
https://bugzilla.mindrot.org/show_bug.cgi?id=1927
Bug #: 1927
Summary: authorized_credentials (aka authorized_keys for
GSSAPI-MIC)
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p2
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: matthew.nygard.dodd at gmail.com
Created attachment 2076
--> https://bugzilla.mindrot.org/attachment.cgi?id=2076
Patch against CVS implementing the above.
Gives GSSAPI-MIC the same options capability currently provided for
public key logins by the AuthorizedKeysFile.
Uses krb5_principal_match() to support widcard matches.
Uses percent_expand() to expand tokens for:
%c credential USER[/INSTANCE]@REALM
%h homedir /home/user
%u username user
%n cred name USER
%i cred instance INSTANCE
%r cred realm REALM
My intended application:
# cat ~svn/.ssh/authorized_credentials
command="/usr/bin/svnserve -t -r /var/svn/ --tunnel-user=%n" */svn@%r
# cat ~git/.ssh/authorized_credentials
command="gitosis-serve %c" */%r
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list