AuthorizedKeysCommand question

Damien Miller djm at mindrot.org
Fri Apr 5 10:43:03 EST 2013


On Thu, 4 Apr 2013, Bostjan Skufca wrote:

> Hi,
> 
> is there a particular reason why this feature is "user" based and not
> "user-pubkey" based?
> 
> What I mean is that it works for installation with small number of pubkeys
> per user.
> But imagine i.e. a GitHub scale - all users logging in as user "git". On
> each auth request all the keys from database would be fetched and feeded to
> OpenSSH.

There's a bug for this:

https://bugzilla.mindrot.org/show_bug.cgi?id=2081

We're considering exposing the public key to the command, perhaps in an
environment variable.

-d


More information about the openssh-unix-dev mailing list