[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

New LDAP feature

Hi all,

I patched up the sshd on lully and imported everyone's .ssh/authorized_key
file into the LDAP directory today. It should be possible to login to
lully, without a password and without a .ssh directory on lully. 

I'd like it if everyone could test this, early results are quite
promising! Right now the only good way to see what keys I loaded into the
directory is for you is to do :

echo "show" | gpg --clearsign | mail changes@db.debian.org

[Note, ssh RSA key data is protected as strongly as your crypted password]

It will respond with your complete LDAP record, PGP encrypted - including
the ssh keys. If you want to change the loaded keys then create a normal
authorized_key file *containing all keys you want* and mail it to the
above address, it will figure out what to do.

If tests go well we will deploy this system across all the machines.


Reply to: