Comments on SSH Key Management with privacyIDEA

In this tutorial I will show, how you can manage your SSH keys for all your servers and different user accounts. This is important, if you have more than one SSH key and it is even more important, if you a responsible for many different users with different SSH keys.

5 Comment(s)

Add comment

Please register in our forum first to comment.

Comments

By: cornelinux
Reply  

Please note: Most older versions of urllib2 do not support certificate checks. As of this version privacyidea-authorizedkeys relies on urllib2 this can be an attack vector by intercepting the communication and injecting a rogue SSH key. PrivacyIDEA 2 will besides several other changes use the python requests module to do the SSL communication. 

By: newbie913
Reply  

Hi, 

thank's for great tutorial, can you explain more about how to config /etc/privacyidea/authorizedkeyscommand ?

I follow the tutorial and when I do this command "privacyidea-authorizedkeys root" I have this error "Error: 'ERR1006: Error connecting to privacyIDEA service: HTTP Error 576: Logout from privacyIDEA selfservice' "

Thank's for your help

By: newbie913
Reply  

Hi again, 

"privacyidea-authorizedkeys root" now it is working, but when I try connect to specific macine it keep asking user password

Thank you for you help

By: Arthur
Reply  

I'm running into an issue where my client machine that I want users to SSH into, gives this error message when running the "privacyidea-authorizedkeys root" command:

"There is no machine with name=u\<my machine's name>"

This makes me think that I need to setup each machine I want to SSH to in the privacyIDEA server that I originally uploaded the SSH key to?

Any help on this is greatly appreciated. Thanks!

By: Cornelius
Reply  

Please report problems on the privacyIDEA Google Group. I do not get any notification on comments here.