@[email protected] to [email protected]English • edit-23 months agoSysadmins, how do you store and manage passwords?message-square57fedilinkarrow-up153
arrow-up153message-squareSysadmins, how do you store and manage passwords?@[email protected] to [email protected]English • edit-23 months agomessage-square57fedilink
From a simple KeePass database to enterprise credential management solutions—what’s your setup at work?
minus-square@[email protected]linkfedilink6•3 months agoAs an admin for a Linux server, I want to institute a ssh pub key expiration policy for all the users and enforce non-reuse of old keys. Does anyone have a best solution for this?
minus-square@[email protected]OPlinkfedilink4•edit-23 months agoSounds like certificates to me, but I don’t know of any such solution Edit: I found out that openssh allows the logon with a certificate. This guide shows how to setup a public key that expires after 52 weeks.
minus-squaredb0linkfedilink4•3 months agoHow do you do your pubkey deployments? If you use ansible, it should be simple enough.
minus-square@[email protected]linkfedilink3•3 months agohttps://smallstep.com/docs/tutorials/ssh-certificate-login/ https://sssd.io/
As an admin for a Linux server, I want to institute a ssh pub key expiration policy for all the users and enforce non-reuse of old keys. Does anyone have a best solution for this?
Sounds like certificates to me, but I don’t know of any such solution
Edit: I found out that openssh allows the logon with a certificate. This guide shows how to setup a public key that expires after 52 weeks.
How do you do your pubkey deployments? If you use ansible, it should be simple enough.
https://smallstep.com/docs/tutorials/ssh-certificate-login/
https://sssd.io/