[c-nsp] SSH Authoized Keys?
Robert Blayzor
rblayzor.bulk at inoc.net
Mon May 12 11:08:06 EDT 2008
On May 10, 2008, at 5:03 AM, Kevin Graham wrote:
> username autotool access-class 50 keyring TOOLS priv 15
> access-list 50 permit host 192.0.2.5
> crypto keyring TOOLS
> ssh-dsa-pubkey name rancid
Well as an alternative to putting the keys in a config, how about the
ability to return public keys as part of a attribute returned from a
RADIUS server. I know there may be an issue with packet size, but I
think most 512-1024 bit keys should be able to fit in a standard
authentication based response.
--
Robert Blayzor, BOFH
INOC, LLC
rblayzor at inoc.net
http://www.inoc.net/~rblayzor/
Mac OS X. Because making Unix user-friendly is easier than debugging
Windows.
More information about the cisco-nsp
mailing list