AuthorizedKeysCommand idea

Ángel González keisial at gmail.com
Thu Jun 20 00:26:39 EST 2013


On 19/06/13 16:10, Michael W. Lucas wrote:
> So:
>
> What about using a SQLite database, copied to all machines, and a
> simple sqlite lookup for AuthorizedKeysCommand?
>
> If a user can't log into the local machine, because PAM or no local
> account or whatever, the presence of the key shouldn't matter.
>
> For key adds/changes/deletions, I just push the new sqlite DB to all
> my machines.
>
> This seems easy. Too easy. What am I missing?
>
> Thanks,
> ==ml
That should work. What makes you think that it wouldn't?



More information about the openssh-unix-dev mailing list