Fwd: [Proposal] Add ability to read authorized keys from shell script instead of file

Constantine theaspect at gmail.com
Wed Oct 23 16:05:24 EST 2013


Well, it is almost what I speak about, but single user as param is not
enough. We have setup with shared folder and all keys owned by single user.
What if add requested key as second param to increase selectivity?

2013/10/22 Damien Miller <djm at mindrot.org>

> On Tue, 22 Oct 2013, Constantine wrote:
>
> > File authorized_keys is unusable for mass key storage and manipulation. I
> > wan to store keys in something like mysql server, but It will add big
> > unwanted dependency to package. What if we use auth_rsa.c but instead
> > search in file send key to some script and read sigle return value if key
> > finded and empty if not. I think it will be very customizable.
>
> You mean like AuthorizedKeysCommand in OpenSSH 6.2?
>
>
>
-- 
With Best Regards,
Constantine


More information about the openssh-unix-dev mailing list