ssh: T6013: move principal name to "system login user <name> authentication" - vyos-1x.git - VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git)

diff options

author	Christian Breunig <christian@breunig.cc>	2025-05-20 19:49:39 +0200
committer	Christian Breunig <christian@breunig.cc>	2025-05-29 13:57:48 +0200
commit	81dfb64ebb3ea3c58c92e8f26e8610a46e4c50d2 (patch)
tree	90ff9aeae2bb90e7fd75ac5b31e08deabce9d8cd /scripts/generate-configd-include-json.py
parent	6c3b1ef2fede1e3c2b6e89060d3d645c2ba744cd (diff)
download	vyos-1x-81dfb64ebb3ea3c58c92e8f26e8610a46e4c50d2.tar.gz vyos-1x-81dfb64ebb3ea3c58c92e8f26e8610a46e4c50d2.zip

ssh: T6013: move principal name to "system login user <name> authentication"

We already support using per-user SSH public keys for system authentication. Instead of introducing a new CLI path to configure per-user principal names, we should continue using the existing CLI location and store the principal names alongside the corresponding SSH public keys. set system login user <name> principal <principal> The certificate used for SSH authentication contains an embedded principal name, which is defined under this CLI node. Only users with matching principal names are permitted to log in.

Diffstat (limited to 'scripts/generate-configd-include-json.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: