| field | value | date |
|---|---|---|
| author | djm@openbsd.org <djm@openbsd.org> | 2015-05-21 06:43:30 +0000 |
| committer | Damien Miller <djm@mindrot.org> | 2015-05-21 16:45:46 +1000 |
| commit | bcc50d816187fa9a03907ac1f3a52f04a52e10d1 | |
| tree | 7fee32fe8c063a24674a37aad34e4b381d995ae5 /sshd_config.5 | |
| parent | 24232a3e5ab467678a86aa67968bbb915caffed4 | |
upstream commit
add AuthorizedPrincipalsCommand that allows getting
authorized_principals from a subprocess rather than a file, which is quite
useful in deployments with large userbases
feedback and ok markus@
Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
Diffstat (limited to 'sshd_config.5')

| mode | file | lines |
|---|---|---|
| -rw-r--r-- | sshd_config.5 | 38 |

1 files changed, 37 insertions, 1 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index e40ecedef..884e767b8 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,7 +33,7 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.201 2015/05/21 06:38:35 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.202 2015/05/21 06:43:31 djm Exp $ |
37 | .Dd $Mdocdate: May 21 2015 $ | 37 | .Dd $Mdocdate: May 21 2015 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
@@ -287,6 +287,42 @@ directory. | |||
287 | Multiple files may be listed, separated by whitespace. | 287 | Multiple files may be listed, separated by whitespace. |
288 | The default is | 288 | The default is |
289 | .Dq .ssh/authorized_keys .ssh/authorized_keys2 . | 289 | .Dq .ssh/authorized_keys .ssh/authorized_keys2 . |
290 | .It Cm AuthorizedPrincipalsCommand | ||
291 | Specifies a program to be used to generate the list of allowed | ||
292 | certificate principals as per | ||
293 | .Cm AuthorizedPrincipalsFile . | ||
294 | The program must be owned by root, not writable by group or others and | ||
295 | specified by an absolute path. | ||
296 | .Pp | ||
297 | Arguments to | ||
298 | .Cm AuthorizedPrincipalsCommand | ||
299 | may be provided using the following tokens, which will be expanded | ||
300 | at runtime: %% is replaced by a literal '%', %u is replaced by the | ||
301 | username being authenticated and %h is replaced by the home directory | ||
302 | of the user being authenticated. | ||
303 | .Pp | ||
304 | The program should produce on standard output zero or | ||
305 | more lines of | ||
306 | .Cm AuthorizedPrincipalsFile | ||
307 | output. | ||
308 | If either | ||
309 | .Cm AuthorizedPrincipalsCommand | ||
310 | or | ||
311 | .Cm AuthorizedPrincipalsFile | ||
312 | is specified, then certificates offered by the client for authentication | ||
313 | must contain a principal that is listed. | ||
314 | By default, no AuthorizedPrincipalsCommand is run. | ||
315 | .It Cm AuthorizedPrincipalsCommandUser | ||
316 | Specifies the user under whose account the AuthorizedPrincipalsCommand is run. | ||
317 | It is recommended to use a dedicated user that has no other role on the host | ||
318 | than running authorized principals commands. | ||
319 | If | ||
320 | .Cm AuthorizedPrincipalsCommand | ||
321 | is specified but | ||
322 | .Cm AuthorizedPrincipalsCommandUser | ||
323 | is not, then | ||
324 | .Xr sshd 8 | ||
325 | will refuse to start. | ||
290 | .It Cm AuthorizedPrincipalsFile | 326 | .It Cm AuthorizedPrincipalsFile |
291 | Specifies a file that lists principal names that are accepted for | 327 | Specifies a file that lists principal names that are accepted for |
292 | certificate authentication. | 328 | certificate authentication. |
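Review bot: the new AuthorizedPrincipalsCommand text (lines 304-313) describes the expected output but never states what sshd does when the command exits with a non-zero status, cannot be executed, or produces no lines; since line 313 requires the offered certificate to "contain a principal that is listed", the doc should say explicitly that a failed or empty command is treated as an empty principal list and the certificate is rejected, so admins know the check fails closed. Two smaller points in the same hunk: lines 314 and 316 use the bare words AuthorizedPrincipalsCommand rather than the `.Cm AuthorizedPrincipalsCommand` markup used at 298, 309 and 320, and the token list at lines 300-302 (only %%, %u and %h) could note that nothing about the presented certificate itself is passed to the command, so the program can only key its answer on the username and home directory.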