karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ciprian Ciubotariu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (KARAF-5418) SSH public key authentication from LDAP
Date Wed, 11 Oct 2017 21:50:02 GMT

     [ https://issues.apache.org/jira/browse/KARAF-5418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ciprian Ciubotariu updated KARAF-5418:
--------------------------------------
    Priority: Minor  (was: Blocker)

> SSH public key authentication from LDAP
> ---------------------------------------
>
>                 Key: KARAF-5418
>                 URL: https://issues.apache.org/jira/browse/KARAF-5418
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>            Reporter: Ciprian Ciubotariu
>            Priority: Minor
>              Labels: security
>
> We have an environment with multiple karaf instances deployed, all authenticating SSH
connections using the username/password mechanism from a LDAP server. Repeatedly logging into
these servers requires copy-pasting passwords from the keychain, which ... well, can lead
to leaks and is also annoying after a while. At the same time hosts are is easier with SSH
keys, which we also store in LDAP.
> I have created a LDAP public-key authentication module to karaf following the file-based
PubkeyLoginModule, and I want to contribute it to karaf. Github PR to follow.
> To use it one has to use the same JAAS module settings as for {{LDAPLoginModule}}, but
with class {{LDAPPubkeyLoginModule}} and an added configuration option {{user.pubkey.attribute}}.
Any attribute can be used to store the public key(s), such as the {{publicKey}} attribute
from {{objectClass: extensibleObject}}. You'll find complete examples in tests.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message