golang-ldap-ssh-keys

module
v1.2.0 Latest
Warning

This package is not in the latest version of its module.
Published: Mar 6, 2024 License: Apache-2.0

README

Overview

Look up SSH Public Keys from an LDAP Service! You can use this either from your SSH Server, or just the command line.

Installation

Download binaries from the release page

You can also pull from the normal devil-ops locations; see installing-devil-ops-packages for more info.

Usage

On the command line, you can run with:

$ ldap-ssh-key-lookup some-netid
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF/9vhMdBYzVqWtN6jo/jYNje0wyZ7ukBOfFPcfJdY7i some-netid@workstation

To use this with OpenSSH, add the following to your sshd_config file:

AuthorizedKeysCommand /usr/bin/ldap-ssh-key-lookup
AuthorizedKeysCommandUser nobody

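When `AuthorizedKeysCommand` is given no arguments, sshd passes the target username as the only argument, and that name is supplied by the connecting client before authentication. The following is an added example, not this project's code, of how a lookup helper can treat that argument as untrusted before it reaches an LDAP filter. The name policy, the `uid` attribute and the function names are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical account-name policy: short, lowercase, POSIX-style names.
var validUser = regexp.MustCompile(`^[a-z_][a-z0-9_-]{0,31}$`)

// escapeFilterValue applies RFC 4515 escaping to an LDAP filter value:
// '*', '(', ')', '\' and NUL become a backslash plus two hex digits.
func escapeFilterValue(v string) string {
	var b strings.Builder
	for i := 0; i < len(v); i++ {
		switch c := v[i]; c {
		case '*', '(', ')', '\\', 0:
			fmt.Fprintf(&b, `\%02x`, c)
		default:
			b.WriteByte(c)
		}
	}
	return b.String()
}

// userFilter builds the search filter for one account. The name is checked
// against the policy first; escaping is kept as a second layer in case the
// policy is later loosened. The attribute name "uid" is an assumption.
func userFilter(user string) (string, error) {
	if !validUser.MatchString(user) {
		return "", errors.New("username rejected by policy")
	}
	return "(uid=" + escapeFilterValue(user) + ")", nil
}

func main() {
	// Constructed inputs: one ordinary name, three that must be refused.
	for _, u := range []string{"some-netid", "*", "bad(name)", ""} {
		f, err := userFilter(u)
		fmt.Printf("%q -> %q, err=%v\n", u, f, err)
	}
}
```

A helper that refuses a name should print nothing and exit, so sshd sees no keys for that login attempt.
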
If you have SELinux set to enforcing, allow the lookup by running:

$ sudo setsebool -P authlogin_nsswitch_use_ldap 1

Configuration

This is meant to be a simple app that retrieves and prints keys if they exist, so there is no config file. To change the LDAP server or other options from their defaults, set the following environment variables:

export SSHKEY_LDAP_URL=ldaps://something.else.edu:636
export SSHKEY_BASEDN="dn=example.com"

This code is freely available for non-commercial use and is provided as-is with no warranty.

Directories

Path                      Synopsis
cmd/ldap-ssh-key-lookup   Package main is the CLI app for LDAP lookups
