Page MenuHomeDevCentral
Differential D1332

Provision ~/.yubico/authorized_yubikeys files
ClosedPublic
Actions

Authored by dereckson on Feb 18 2018, 14:02.
Tags
None
Referenced Files
F12077003: D1332.id3417.diff
Thu, Oct 2, 23:15
F12076998: D1332.id3419.diff
Thu, Oct 2, 23:15
F12076790: D1332.id3418.diff
Thu, Oct 2, 20:36
F12076667: D1332.diff
Thu, Oct 2, 19:18
F12076507: D1332.id3417.diff
Thu, Oct 2, 17:48
Unknown Object (File)
Thu, Sep 25, 11:27
Unknown Object (File)
Sat, Sep 20, 11:13
Unknown Object (File)
Thu, Sep 18, 14:10
View All Files
Subscribers
None

Details

Reviewers
dereckson
Commits
rOPS56797e259c05: Provision ~/.yubico/authorized_yubikeys files
Summary

If a bastion allows an OTP authentication through yubikeys as PAM module,
it needs to read such keys in ~/.yubico/authorized_yubikeys.

This changes provisions such file through the shellusers pillar entry.

Test Plan
$ cat ~/.yubico/authorized_yubikeys 
dereckson:ccccccbjncrt

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Passed
Unit
No Test Coverage
Branch
yubi (branched from master)
Build Status
Buildable 2105
Build 2353: arc lint + arc unit

Event Timeline

dereckson requested review of this revision.Feb 18 2018, 14:02
dereckson created this revision.
dereckson planned changes to this revision.Feb 18 2018, 14:04

A YubiKey will better expressed as yubico_keys (vendor_artifact) name.

dereckson updated this revision to Diff 3418.Feb 18 2018, 14:05

yubi_keys → yubico_keys

dereckson accepted this revision.Feb 18 2018, 14:06
This revision is now accepted and ready to land.Feb 18 2018, 14:06
Closed by commit rOPS56797e259c05: Provision ~/.yubico/authorized_yubikeys files (authored by dereckson). · Explain WhyFeb 18 2018, 14:06
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
pillar/
core/
2 lines
roles/
bastion/
12 lines
yubico/
24 lines
12 lines

Diff 3418

View Options

pillar/core/users.sls

Loading...
View Options

roles/bastion/init.sls

Loading...
View Options

roles/bastion/yubico/authorized_yubikeys.sls

Loading...
View Options

roles/bastion/yubico/init.sls

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator