Certificate generation and sync, implemented proper grant and revocation flows. Pubkey uploading. Added openssh-client to Dockerfile
This commit is contained in:
18
TODO.md
Normal file
18
TODO.md
Normal file
@@ -0,0 +1,18 @@
|
||||
Next steps:
|
||||
|
||||
Certificate Generation:
|
||||
- User account is created
|
||||
- User can input SSH pubkey into profile page
|
||||
- Keywarden creates signed SSH Certificate from User's pubkey and Keywarden CA
|
||||
|
||||
Grant:
|
||||
- User requests access to target server
|
||||
- Access request approved
|
||||
- User has linux account created and has key / cert trusted by target server
|
||||
- User can log into account
|
||||
|
||||
Revocation:
|
||||
- User has access expire or revoked
|
||||
- Keywarden removes key / cert from target server, or invalidates on Keywarden's side
|
||||
- Keywarden removes object permissions
|
||||
- User cannot access server anymore
|
||||
Reference in New Issue
Block a user