Openssh, operator controlled authorized_keys
- From: "stephen pierce" <cerilus@xxxxxxxxx>
- Date: Tue, 7 Mar 2006 16:48:03 -0800
I want to control access to my machines via public keys. I'm
implanting the private key in a smartcard-like token, and giving the
tokens to people for access. They'll use the tokens like smartcards,
and ssh-agent can use those RSA keys on the tokens.
However, I don't want people to authorize other public keys (ie, not
on physical tokens) after they've logged in.
How do I configure openssh so that it'll permit a public key for a
user, without giving the user the oppertunity to change/add public
keys to the authorized list?
Also, is there a way to have a single file with the authorized keys
for *all* users? Like /etc/shadow, but for public keys rather than
passwrods.
Thanks.
Steve
- Follow-Ups:
- Re: Openssh, operator controlled authorized_keys
- From: Tan Dang
- RE: Openssh, operator controlled authorized_keys
- From: Patrick Morris
- Re: Openssh, operator controlled authorized_keys
- Prev by Date: Re: CVS repos.
- Next by Date: RE: Openssh, operator controlled authorized_keys
- Previous by thread: CVS repos.
- Next by thread: RE: Openssh, operator controlled authorized_keys
- Index(es):
Relevant Pages
|
