We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please implement enforceUsername also for the oidc authentication method. Furthermore, logging could be improved.
enforceUsername
oidc
Using ContainerSSH 0.5 (actually with PR ContainerSSH/libcontainerssh#563 applied) with Keycloak and this configuration
auth: keyboardInteractive: method: oauth2 oauth2: clientId: "containerssh" clientSecret: "..." provider: oidc oidc: deviceFlow: true authorizationCodeFlow: false usernameField: "preferred_username" url: "https://KEYCLOAK_URL/realms/REALM/"
one can login using any username (ssh -l foo ...), and user matching authenticatedUser is not enforced.
ssh -l foo ...
user
authenticatedUser
Two things:
info
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Please describe what you would like to see in ContainerSSH
Please implement
enforceUsername
also for theoidc
authentication method.Furthermore, logging could be improved.
Please describe your use case
Using ContainerSSH 0.5 (actually with PR ContainerSSH/libcontainerssh#563 applied) with Keycloak and this configuration
one can login using any username (
ssh -l foo ...
), anduser
matchingauthenticatedUser
is not enforced.Two things:
user
but also theauthenticatedUser
, even on log levelinfo
.The text was updated successfully, but these errors were encountered: