LPK integration - summary and ideas

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Jul 4 13:40:33 EST 2010


On 06/10/2010 10:03 AM, Jan Chadima wrote:
> please look at 
> https://bugzilla.mindrot.org/show_bug.cgi?id=1663
> there is a patch solving the above requests
> + some ldap backend also

A group of monkeysphere developers just reviewed the patchset associated
with 1663.  It appears to handle modular key-based authentication from
the server's perspective (that is, allowing the server to authorize the
connecting users, but not the other way around).  This is good, and
we're happy to see it.

We noticed a few concerns about the code, and provided an updated
patchset along with an explanation about our changes in the comments on
the bz issue.

I'd be happy to get feedback on the proposed changes.  It would be great
to get this functionality folded into OpenSSH if possible, though i
think the LDAP and monkeysphere authorization backends should be
distributed separately from OpenSSH.

Regards,

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 892 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20100703/a4411eca/attachment.bin>


More information about the openssh-unix-dev mailing list