[Freeipa-devel] Requiring simultaneous authentication to Linux resources
Fraser Tweedale
ftweedal at redhat.com
Wed Feb 22 22:55:51 UTC 2017
On Wed, Feb 22, 2017 at 10:00:04AM -0500, Simo Sorce wrote:
> On Wed, 2017-02-22 at 10:59 +0000, Oucema Bellagha wrote:
> > I want to figure out a solution which allow user"a" to authenticate to
> > a host only when user"b" is accessing the host for security reasons.
> >
> >
> > Easy explanation: authenticate to hostx needs (user a + user b)
> >
> >
> > I'm brainstorming some ideas using Yubikey or ssh-keys.. Is there any
> > application which allow us to access a host only when 2 users are
> > present cause putty doesn't have this feature which can be a step to
> > solve this problem ..
> >
> >
> > Or in applying some specified rules in IPA itself ?
>
> As explained, there is no such concept in Unix/Linux to start with, but
> maybe you mean that you want to check credentials of 2 different users
> to allow privileged login, like root login ?
>
If this is the use case, it could be an interesting application for
clevis.
> Or is this something else ?
>
> It'd be nice if you can describe precisely what actions and results you
> expect to see.
>
> Simo.
>
> --
> Simo Sorce * Red Hat, Inc * New York
>
> --
> Manage your subscription for the Freeipa-devel mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-devel
> Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
More information about the Freeipa-devel
mailing list