Re: Custom SSH Authentication

To: debian-user@lists.debian.org
Subject: Re: Custom SSH Authentication
From: "Karl E. Jorgensen" <karl.jorgensen@nice.com>
Date: Mon, 10 Sep 2012 10:47:36 +0100
Message-id: <[🔎] 20120910094736.GB11280@hawking>
In-reply-to: <[🔎] 504A6173.2050800@gmail.com>
References: <[🔎] 504A6173.2050800@gmail.com>

Hii

On Fri, Sep 07, 2012 at 10:04:51PM +0100, Alex Robbins wrote:
> I am looking to set up a custom SSH authentication system.  I have a several
> RSA key pairs for my user, and I want to restrict ssh access based on which
> key pair is being used (not based on user name).  On top of that, I want
> to restrict keys based on time of day.  In short, a certain key can only be
> used at certain times, while another key works around the clock.

Others have already responded to this part with good responses

> I am also hoping to take it a step further and say that the restricted key
> (the one that only works at certain times) also requires that a pass phrase
> be provided that changes based on an arbitrary algorithm, perhaps involving
> the time of day or date.

Hm.. on the server-side, a passphrase cannot be enforced: The
passphrase is used when decrypting the actual SSH (private) key, and
the server side will have no reliable way of telling whether a
passphrase was needed or not.

-- 
Karl E. Jorgensen

Reply to:

References:
- Custom SSH Authentication
  - From: Alex Robbins <alexdotrobbins@gmail.com>

Prev by Date: Re: Installation
Next by Date: Re: LXC container shutdowns master host
Previous by thread: Re: Custom SSH Authentication
Next by thread: new installation preserving /home partition
Index(es):
- Date
- Thread