Good procedure?
Alexander Wuerstlein
arw at cs.fau.de
Tue Aug 21 22:43:09 AEST 2018
On 2018-08-21T06:21, Stef Bon <stefbon at gmail.com> wrote:
> Op di 21 aug. 2018 om 06:04 schreef Stef Bon <stefbon at gmail.com>:
> >
> > Hi,
> >
> > I'm looking for a procedure (on paper first) to provide users on hosts
> > session keys to login to servers providing services like file, print
> > or even access to internet or a sql db.
> >
> > The first step is that user has to authenticate on the local host via
> > password. Paswword and usernames are centrally managed via ldap (or
> > simular).
> >
> > The second step is that the user on host logs in to the CA server,
> > using it's password, it's private key and the hostkey.
>
> The user dos not do that, the localhost computer does this behind the scenes.
Sounds like you are reinventing Kerberos.
Ciao,
Alexander Wuerstlein.
More information about the openssh-unix-dev
mailing list