0

Possible Duplicate:
A system for distributing SSH public keys

Suppose that I have four servers (SA, SB, SC, and SD). I want to give user X access to SA and SB. I can do it easily by ssh -keygen -t RSA and then give X the id_rsa file. Now if I changed my mind and I want to give him access to SC and drop his access on SB. I can do it manually.
Now the question: What if I have 100 servers and 20 system admin. It would be very sophisticated process to handle it in such way. Is there a tool that can help me in managing access to servers more easily.

Improve this question
1
  • Userify can manage those accounts with centralized administration but local authentication. Commented Nov 25, 2016 at 23:13

4 Answers 4

Reset to default
1

A tool like puppet can easily do this

http://docs.puppetlabs.com/references/latest/type.html#sshauthorizedkey

Improve this answer
2

Generating / distributing keys is not the way to control access to individual machines. Use groups to determine whio should have access to particular machines (and setup sshd to only allow the group for that machine to connect).

Improve this answer
1

I know this is a rather complex approach, but in my opinion going with LDAP based netgroups, nss_ldapd and possibly augmented by sudo-ldap is the most integrated solution. Once LDAP is in place you get Kerberos SSO virtually for free as well.

Improve this answer
0

Can an nis server not do what you want (in conjunction with setting ssh right) ? - seems to me like that'd be the easy solution. Otherwise, puppet.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.