AuthorizedKeysCommand

[Shogun]

14.01.13 21:22, Iain Morgan пишет:
 > On Mon, Jan 14, 2013 at 09:36:26 -0600, Katsumoto san wrote:
 >> Hi there,
 >>
 >> We could set AuthorizedKeysCommand script, this will allow only to 
replace
 >> authorized_keys file with keys stored in a database... But why this 
command
 >> is so limited?
 >>
 >> Why i can't just set a command script which will get a username and 
public
 >> key as arguments and let him do it's own authorization??
 >> I think this will allow for much more powerful tricks. For example 
do to an
 >> database lookup with keys to identify and authorize or deny access 
and so
 >> on...
 >>
 >> So is this so difficult to do? What do you all think about this?
 >>
 > I believe the intent was to minimize the risks by keeping the
 > implementation simple. However, you can embed some flexibility either
 > in the command which you invoke or, potentiall, in the repository used
 > to store the keys.
 >
 > I don't quite see the advantage of the approach that you are suggesting.
 > Could you elaborate on it a bit? What sort of "tricks" are you thinking
 > of?
More flexible doesn't mean more difficult or risky.
The advantages is like you've said flexibility, a lot of flexibility. 
The users may write custom acl's and so on... why to limit them? For ex. 
Github uses his own patched ssh which allow to lookup a database for pub 
keys, this allow to users access repos with 
git at github.com:username/repository, so git "namespace" for many users... 
and many more advantages allowed by this approach.