Firstyear
Firstyear
We've started working on improvements to the unixd module, so hopefully we can sort this out sooner than later :)
@jcrawfordor Are you willing/able to test a dev build?
@jcrawfordor If you're willing to test from current git master, or from the latest build in gh/obs, that'd be great. We have reworked the majority of the backend.
@jcrawfordor Did you end up testing the latest updates? I don't recall what the result was.
Okay, I'm going to still do a cursory review of the resolver code to be certain that I can't see anything that would cause a race or deadlock, but if...
This should be easy to do since oauth2rs is now name we can use uuid2name
we are currently going to pursue this with the ssh-sk key types rather than this method. We have however talked about this method as oauth2 device authorisation as an alternative...
I'm confused by what you mean here. Let's be specific. When you ssh to another machine, Kanidm is involved in distributing ssh keys to the machine, and providing rules via...
Yes but then wed need the cli to accept oauth2 device code, which also seems unfun given that the cli elsewhere has to provide device code. So wed have a...
Actually thinking further, it's worse - we actually can't do this with device code for re-authentication because it's not actually proving access to the original and bound credentials of the...