by withinboredom 1450 days ago
If you use GitHub, you have your public keys available: https://GitHub.com/withinboredom.keys. Replace my username with yours or whoever.

There’s an option in sshd to run a program that should output the contents of an authorized keys file: AuthorizedKeysCommand.

So you write a simple bash script or program to output authorized keys based on your own rules. If you want stronger auth, check out libnss-ato which can allow you to masquerade as root if the user is authorized. (In your authorized key script, check if the user is in your org and/or part of a certain team, if so, output their public keys, otherwise, output nothing).

I really should open source my code, but it’s literally only 5-6 lines of code, and 3 lines of configuration.
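
One way to write the AuthorizedKeysCommand script described in the comment above, as an added example that is not the commenter's code. The install path `/usr/local/bin/github-keys`, the allowlist file `/etc/ssh/github-users` and its "local-user github-login" format are assumptions, with the allowlist standing in for the org/team membership check.

```shell
#!/bin/sh
# Added example, not the commenter's script. Install root-owned and not
# group/world-writable (path is an assumption), then in sshd_config:
#   AuthorizedKeysCommand /usr/local/bin/github-keys %u
#   AuthorizedKeysCommandUser nobody
# MAP_FILE (hypothetical) is the allowlist: "<local-user> <github-login>" per line.
MAP_FILE="${MAP_FILE:-/etc/ssh/github-users}"
KEYS_URL_BASE="${KEYS_URL_BASE:-https://github.com}"

# Print the GitHub login mapped to a local user; fail if unlisted or malformed.
github_login_for() {
    [ -r "$MAP_FILE" ] || return 1
    gh_login=$(awk -v u="$1" '!/^#/ && $1 == u { print $2; exit }' "$MAP_FILE")
    # Only characters GitHub allows in a login, so a bad map entry cannot
    # change the path of the URL that gets fetched.
    printf '%s' "$gh_login" | grep -Eq '^[A-Za-z0-9][A-Za-z0-9-]{0,38}$' || return 1
    printf '%s\n' "$gh_login"
}

# Keep only bare public-key lines: a known key type followed by base64.
# Lines starting with an options field (command=, from=, ...) or an HTML
# error body are dropped instead of being handed to sshd.
filter_keys() {
    grep -E '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-(ssh-ed25519|ecdsa-sha2-nistp256)@openssh\.com) [A-Za-z0-9+/=]+( .*)?$'
}

# Fetch the published keys over HTTPS only, with a short timeout so a slow
# response does not stall logins.
fetch_keys() {
    curl --silent --fail --max-time 5 --proto '=https' "$KEYS_URL_BASE/$1.keys"
}

# Print authorized_keys lines for a local user, or nothing if not allowed.
authorized_keys_for() {
    login=$(github_login_for "$1") || return 0
    fetch_keys "$login" | filter_keys || true
}

if [ "$#" -gt 0 ]; then authorized_keys_for "$1"; fi
```

The script fails closed: if the key URL is unreachable it prints nothing, so logins that rely on it are refused until the fetch works again.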