[Freeipa-devel] SSH Public Key - Centralized Solution
Prashant Bapat
prashant at apigee.com
Tue Dec 23 01:40:33 UTC 2014
Hi,
We are planning to roll out FreeIPA for our AWS infrastructure to be the
central authentication service. Initially we plan to use the SSH publi
keys, user and group management by FreeIPA. We are looking at rolling out
the SSS on clients a little later.
Two questions.
1. We need to be able to ensure that a user is limited only 2-3 SSH keys.
2. We need some way of forcing these key rotation once in say 90 days.
In our existing setup we use a SSH CA based authentication. It has its own
issues. But the rotation is handled by cert expiry every 90 days.
Any suggestions/help would be appreciated.
Thanks in advance.
--Prashant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141223/86b84ca6/attachment.htm>
More information about the Freeipa-devel
mailing list