Comments (2)
Nice feature, but you'd still have to fetch the SSH keys for that account as well. SSHPortal, which we used before, utilized a kind of "invitation" scheme for that. It would send a mail message to the new user and provide a special SSH user token. Once the new account connected via SSH to the portal, the public ssh key would be stored for that user account.
from warpgate.
Hi,
Apologies for the late answer, been busy lately.
The idea I had in mind was to leverage Warpgate's ability to NOT require additional client-side software to generate dynamically an SSH certificate if the SSO request was granted. (I'm using Vault to generate SSH certificates) That way, there would be no need to store public keys anywhere, as the certificate would be injected into the backend SSH connection.
This would enable the dynamic creation of short-lived SSH certificates, thus greatly enhancing security in a corporate-wide context.
Cheers,
from warpgate.
Related Issues (20)
- VS Code Remote Development over Warpgate
- Unable to use Both ssh key and in-browser at same time on target HOT 2
- Check permissions before rewrite
- Nodesource setup script is deprecated
- Any credential with SSO and public key credentials available for user asks for password in specific circumstances for SSH HOT 1
- Change in permissions enforcement HOT 2
- SSO - Store some additional user information
- Looking for an explanation of all the available config options in warpgate.yaml HOT 1
- [Enhancement] Show raw hash when configuring OTP
- Compatible with Docker Swarm ? HOT 2
- [Enhancement] Add menu when ssh'ing that allows you to select a host HOT 1
- [FeatureReq]Multi-User-Config per Server
- [BUG] Login asks for OTP key when none is associated with the account. HOT 1
- Database migration does not work with PostgreSQL
- Option to enable insecure SSH algos per-target - not working HOT 1
- log file transfers over scp HOT 2
- log file transfers over scp HOT 1
- Can't SSH into a VM HOT 6
- Fido2 Token
- ssh kept closing after connection
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from warpgate.