New LDAP feature
I patched up the sshd on lully and imported everyone's .ssh/authorized_key
file into the LDAP directory today. It should be possible to login to
lully, without a password and without a .ssh directory on lully.
I'd like it if everyone could test this, early results are quite
promising! Right now the only good way to see what keys I loaded into the
directory is for you is to do :
echo "show" | gpg --clearsign | mail firstname.lastname@example.org
[Note, ssh RSA key data is protected as strongly as your crypted password]
It will respond with your complete LDAP record, PGP encrypted - including
the ssh keys. If you want to change the loaded keys then create a normal
authorized_key file *containing all keys you want* and mail it to the
above address, it will figure out what to do.
If tests go well we will deploy this system across all the machines.