karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré (JIRA) <j...@apache.org>
Subject [jira] [Assigned] (KARAF-5418) SSH public key authentication from LDAP
Date Mon, 23 Oct 2017 05:59:00 GMT

     [ https://issues.apache.org/jira/browse/KARAF-5418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Jean-Baptiste Onofré reassigned KARAF-5418:

    Assignee: Jean-Baptiste Onofré

> SSH public key authentication from LDAP
> ---------------------------------------
>                 Key: KARAF-5418
>                 URL: https://issues.apache.org/jira/browse/KARAF-5418
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>            Reporter: Ciprian Ciubotariu
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>              Labels: security
>             Fix For: 4.2.0, 4.1.3
> We have an environment with multiple karaf instances deployed, all authenticating SSH
connections using the username/password mechanism from a LDAP server. Repeatedly logging into
these servers requires copy-pasting passwords from the keychain, which ... well, can lead
to leaks and is also annoying after a while. At the same time hosts are is easier with SSH
keys, which we also store in LDAP.
> I have created a LDAP public-key authentication module to karaf following the file-based
PubkeyLoginModule, and I want to contribute it to karaf. Github PR to follow.
> To use it one has to use the same JAAS module settings as for {{LDAPLoginModule}}, but
with class {{LDAPPubkeyLoginModule}} and an added configuration option {{user.pubkey.attribute}}.
Any attribute can be used to store the public key(s), such as the {{publicKey}} attribute
from {{objectClass: extensibleObject}}. You'll find complete examples in tests.

This message was sent by Atlassian JIRA

View raw message