authorized_yubikeys files
ClosedPublic
Actions

Authored by dereckson on Feb 18 2018, 14:02.

Details

Reviewers

Commits

rOPS56797e259c05: Provision ~/.yubico/authorized_yubikeys files

Summary

If a bastion allows an OTP authentication through yubikeys as PAM module,
it needs to read such keys in ~/.yubico/authorized_yubikeys.

This changes provisions such file through the shellusers pillar entry.

Test Plan

$ cat ~/.yubico/authorized_yubikeys 
dereckson:ccccccbjncrt

Diff Detail

Repository

rOPS Nasqueron Operations

Lint

Lint Passed

Unit

No Test Coverage

Branch

yubi (branched from master)

Build Status

Buildable 2104
Build 2352: arc lint + arc unit

Event Timeline

dereckson requested review of this revision.Feb 18 2018, 14:02

dereckson created this revision.

A YubiKey will better expressed as yubico_keys (vendor_artifact) name.

yubi_keys → yubico_keys

dereckson accepted this revision.Feb 18 2018, 14:06

This revision is now accepted and ready to land.Feb 18 2018, 14:06

Closed by commit rOPS56797e259c05: Provision ~/.yubico/authorized_yubikeys files (authored by dereckson). · Explain WhyFeb 18 2018, 14:06

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

pillar/

core/

users.sls

2 lines

roles/

bastion/

init.sls

12 lines

yubico/

authorized_yubikeys.sls

24 lines

init.sls

12 lines

Diff 3417

View Options

pillar/core/users.sls

View Options

roles/bastion/init.sls

View Options

roles/bastion/yubico/authorized_yubikeys.sls

View Options

roles/bastion/yubico/init.sls

Provision ~/.yubico/authorized_yubikeys filesClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 3417

pillar/core/users.sls

roles/bastion/init.sls

roles/bastion/yubico/authorized_yubikeys.sls

roles/bastion/yubico/init.sls

Provision ~/.yubico/authorized_yubikeys files
ClosedPublic
Actions

Revision Contents
Changeset List