pam-ussh icon indicating copy to clipboard operation
pam-ussh copied to clipboard

Published 20 hours ago verified publisher icon uber

Improve principal restriction logic

Open korfuri opened this issue 2 years ago • 1 comments

Make optional requiring that certs contain a principal matching the local username.

For backward compatibility, disabling the check of a local-username-principal is opt-in, as doing the opposite would make existing configurations more open on upgrade.

Resolves #15.

korfuri avatar Sep 18 '22 12:09 korfuri

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Sep 18 '22 12:09 CLAassistant