COmanage Developers List

[Benn Oshrin <>]

I've taken a first pass at the SSH use case (for the HTCondor 
presentation, but also generally).

 https://spaces.internet2.edu/display/COmanage/SSH

It turns out while OpenSSH doesn't support pulling keys directly from 
LDAP, there are various approached that folks have adopted to do so. 
This is probably the best:

 https://github.com/AndriiGrytsenko/openssh-ldap-publickey

We could try to follow this model (the LDAP schema is non-standard, 
though), which would simplify the key provisioning. We might still have 
to worry about allocating a home directory, but not for purposes of 
provisioning the account or storing the keys.

Thoughts?

Thanks,

-Benn-