existing-user

command

v0.0.0-...-e2b905b Latest Latest Go to latest Published: Sep 27, 2018 License: MIT Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Fullscreen/iam-authorized-keys-command

README ¶

existing-user

In this version, a system user has to exist with the same username as your IAM user.

Example sshd_config

AuthorizedKeysFile none
AuthorizedKeysCommand /path/to/compiled/binary
AuthorizedKeysCommandUser nobody

If you still want to be able to use the authorized_keys file for some users, e.g. in case IAM is experiencing downtime, you can add something like the following:

Match User ubuntu
  AuthorizedKeysFile %h/.ssh/authorized_keys

Don't forget to restart the ssh service:

service ssh restart

IAM Role Permissions

This script needs the following policy to execute properly, so make sure you apply it to your EC2 Role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:ListSSHPublicKeys",
                "iam:GetSSHPublicKey"
            ],
            "Resource": "*"
        }
    ]
}

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL