Katsumoto san shogun147 at
Tue Jan 15 02:36:26 EST 2013

Hi there,

We could set AuthorizedKeysCommand script, this will allow only to replace
authorized_keys file with keys stored in a database... But why this command
is so limited?

Why i can't just set a command script which will get a username and public
key as arguments and let him do it's own authorization??
I think this will allow for much more powerful tricks. For example do to an
database lookup with keys to identify and authorize or deny access and so

So is this so difficult to do? What do you all think about this?


More information about the openssh-unix-dev mailing list