Page MenuHomeDevCentral

Provision ~/.yubico/authorized_yubikeys files
ClosedPublic

Authored by dereckson on Feb 18 2018, 14:02.
Tags
None
Referenced Files
F35331005: D1332.id3418.diff
Thu, Jul 9, 11:49
F35330945: D1332.id3419.diff
Thu, Jul 9, 11:49
F35330912: D1332.id3417.diff
Thu, Jul 9, 11:49
F35325742: D1332.diff
Thu, Jul 9, 10:39
Unknown Object (File)
Tue, Jul 7, 16:09
Unknown Object (File)
Mon, Jul 6, 06:50
Unknown Object (File)
Fri, Jul 3, 23:40
Unknown Object (File)
Fri, Jul 3, 22:37
Subscribers
None

Details

Summary

If a bastion allows an OTP authentication through yubikeys as PAM module,
it needs to read such keys in ~/.yubico/authorized_yubikeys.

This changes provisions such file through the shellusers pillar entry.

Test Plan
$ cat ~/.yubico/authorized_yubikeys 
dereckson:ccccccbjncrt

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson created this revision.

A YubiKey will better expressed as yubico_keys (vendor_artifact) name.

yubi_keys → yubico_keys

This revision is now accepted and ready to land.Feb 18 2018, 14:06
This revision was automatically updated to reflect the committed changes.