Hello,
we are administering functional users. Therefore the saf-ssh-agent should be able to export a public key for this functional user without requiring to logon with this userid. This could be done with allowing to specify the userid to be maintained. The RACDCERT-command works the same way.
brgds,
Ulrich
Exporting foreign users key ba an administrator
-
Ulrich Schmidt
- Posts: 37
- Joined: Fri Jan 09, 2009 1:25 pm
- Location: Germany
An administrator can export the SSH public key for another user's certificate by prefixing the ring name with "USERID/", like this:
saf-ssh-agent -xf pub.key YOURID/YOUR-RING-NAME
In order to do this for another user, the administrator must have "UPDATE" access to the IRR.DIGTCERT.LIST and IRR.DIGTCERT.LISTRING profiles.
(A normal user who only wants to access his own certificate should only have "READ" access to these profiles).
saf-ssh-agent -xf pub.key YOURID/YOUR-RING-NAME
In order to do this for another user, the administrator must have "UPDATE" access to the IRR.DIGTCERT.LIST and IRR.DIGTCERT.LISTRING profiles.
(A normal user who only wants to access his own certificate should only have "READ" access to these profiles).