Authentication using federated identity

Chris Rapier rapier at psc.edu
Fri Feb 9 05:10:09 AEDT 2024


I know that there are some methods to use federated identities (e.g. 
OAuth2) with SSH authentication but, from what I've seen, they largely 
seem clunky and require users to interact with web browsers to get one 
time tokens. Which is sort of acceptable for occasional logins but 
doesn't work with automated/scripted actions.

I'm just wondering if anyone has done any work on this or has thoughts 
on it. I know it would be useful in some contexts (in my case, cross 
realm access of independent yet federated services that are pretty 
common in R&E HPC communities (e.g. ACCESS)).

Chris


More information about the openssh-unix-dev mailing list