Page MenuHomeVyOS Platform
Create Task
Maniphest T110

Ability to store SSH keys out of the config
Open, WishlistPublicENHANCEMENT
Actions

Description

We need to have ability to store ssh keys outside of config
for that purpose we can create subdir in /config for that purpose

and use sshd configuration
like

AuthorizedKeysFile /config/ssh/%u

The following tokens are defined:

%u is replaced by the username of the user

Details

Difficulty level
Normal (likely a few hours)
Version
1.2
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Behavior change
Issue type
Unspecified (please specify)

Related Objects

Event Timeline

syncer created this task.Aug 4 2016, 10:52 PM
syncer mentioned this in T122: Control over which users have ssh access.Aug 8 2016, 4:52 PM
syncer added a subscriber: whiskeyalpharomeo.Sep 4 2016, 7:32 PM

@whiskeyalpharomeo maybe in your scope of interest

syncer edited projects, added VyOS 1.2 Crux; removed VyOS 1.1.x (1.1.8).Dec 14 2016, 1:35 PM
syncer edited subscribers, added: VyOS 1.2 Crux, VyOS 2.0.x; removed: VyOS 1.1.x, syncer.
syncer reassigned this task from dmbaturin to UnicronNL.Sep 2 2017, 4:01 PM
syncer added a subscriber: dmbaturin.

This one is partially related to T312 but not only
we had some discussions with @dmbaturin in past about keys
and came across idea that it will be great to keep keys outside of config

c-po added a subscriber: c-po.Sep 2 2017, 4:58 PM

Actually I like the fact to have the users SSH pub key inside the config. This makes it super handy to just copy/paste a users config entry arround VyOS instances.

Cisco/Ubiquity uses the same approach, User SSH keys are located inside running-config.

syncer added a comment.Sep 2 2017, 5:02 PM

That is not something that we need to choose between,
we keep both, but for environments where users comes from AD, LDAP, Radius, etc.

syncer reassigned this task from UnicronNL to dmbaturin.May 27 2018, 9:10 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux, VyOS 2.0.x.
syncer added a subscriber: UnicronNL.
pasik added a subscriber: pasik.Aug 19 2018, 8:12 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc2); removed VyOS 1.2 Crux (VyOS 1.2.0-rc1).Oct 9 2018, 6:42 AM
dmbaturin moved this task from VyOS 1.2.0-rc2 to Wishlist on the VyOS 1.2 Crux board.Oct 13 2018, 8:41 AM
dmbaturin edited projects, added VyOS 1.2 Crux; removed VyOS 1.2 Crux (VyOS 1.2.0-rc2).
syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.Oct 13 2018, 9:54 AM
syncer changed the subtype of this task from "Task" to "Enhancement".Oct 20 2018, 4:49 AM
dmbaturin edited projects, added VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.Dec 10 2020, 11:52 AM
dmbaturin set Version to 1.2.
dmbaturin set Why the issue appeared? to Will be filled on close.
dmbaturin set Is it a breaking change? to Behavior change.
dmbaturin removed subscribers: VyOS 2.0.x, VyOS 1.2 Crux.
eronlloyd added a subscriber: eronlloyd.Feb 21 2022, 11:36 AM
dmbaturin added a project: VyOS 1.5 Circinus.Feb 15 2024, 11:09 AM
dmbaturin set Issue type to Unspecified (please specify).
dmbaturin removed a project: VyOS 1.4 Sagitta.