[Freeipa-users] label for public keys
Jan Pazdziora
jpazdziora at redhat.com
Thu Aug 4 15:10:31 UTC 2016
On Thu, Aug 04, 2016 at 05:01:00PM +0200, Tiemen Ruiten wrote:
>
> Currently it is possible to add multiple SSH-keys for a single user in
> FreeIPA. We are using this capability to grant access to multiple
> contractors under a single user (so user company1, with keys A, B, C to
> give access to three persons at company1).
>
> Unfortunately it's not possible to label these keys, so to ensure that we
> can revoke access for eg. person B later on, we have to administrate this
> separately. Would it be possible to add this as a feature? Or if it already
> exists, could someone explain to me how to do it?
By label, do you mean an admin-friendly string for the key to make
sure you remove the correct key?
For ssh-rsa keys, after the second space there is a place for comments
and FreeIPA's WebUI will show it when listing the keys. Would that
work for you or do you need something else?
--
Jan Pazdziora
Senior Principal Software Engineer, Identity Management Engineering, Red Hat
More information about the Freeipa-users
mailing list