Creating users "on - the - fly"

Daniel Kahn Gillmor dkg at
Sat Feb 7 05:47:48 AEDT 2015

On Fri 2015-02-06 13:10:10 -0500, Cary FitzHugh wrote:
> I guess I didn't want to litter the users table either - it just seems
> "wrong" to be actually adding things to the host when it is really so
> transient.  It feels like it should be LDAP-ish.  Just ask the server
> for the keys and do a one-off authentication.  But I've seen even LDAP
> creates the user directories.

you can use libnss-ldap to have a dynamic user table pulled from LDAP,
if that's what you want.  You don't need to touch any local file on the
host if you just want to look up your users over the network.

Or you can write your own name service switch extension that does the
same.  for GNU systems, see:


More information about the openssh-unix-dev mailing list