Please improve the self-service portal part of SSH key management so that it matches the functionality provided in the server profiles, i.e. separate keys in separate text fields with add and delete buttons.
+1. We have several users who have multiple SSH keys, but they can only upload one in the self-service portal. The ability to manage multiple keys would be very useful.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes, +1. Without this, I'm essentially forced to use the same identity on all my devices, which I see as a security risk; if it's even at all possible. I'd prefer to use separate identities and associate all of them with my LDAP account.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
+1. We have several users who have multiple SSH keys, but they can only upload one in the self-service portal. The ability to manage multiple keys would be very useful.
Yes, +1. Without this, I'm essentially forced to use the same identity on all my devices, which I see as a security risk; if it's even at all possible. I'd prefer to use separate identities and associate all of them with my LDAP account.
Multiple keys are already possible. LAM treats each new line as new key.
Actually, it doesn't. If you put another key on a new line, the key gets encoded incorrectly in LDAP.
This is my (redacted) account with one key:
dn: uid=jdisher,ou=people,dc=bluekai,dc=com
homeDirectory: /home/jdisher
loginShell: /bin/bash
gidNumber: 999
uid: jdisher
cn: Jonathan Disher
uidNumber: 10000
sshPublicKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDRfAzpdO8CigI5opAM7dQ3Hfnp
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sohzIvel++P+T79Iy/KS6fJCz2gtVj1JlWFVISHoww== jdisher@fuezakyuu
modifiersName: cn=admin,dc=bluekai,dc=com
modifyTimestamp: 20130724193719Z
Now, if I go to self-service and add another key on a new line, as you say:
dn: uid=jdisher,ou=people,dc=bluekai,dc=com
homeDirectory: /home/jdisher
loginShell: /bin/bash
gidNumber: 999
uid: jdisher
cn: Jonathan Disher
uidNumber: 10000
sshPublicKey:: c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFDQVFEUmZBenBkTzh
DaWdJNW9wQU03ZFEzSGZucENNbWFwZXZiSHZaV1g1dU04QUVIU3NYcEZJNHFJVEg1K3pvdTJkd2Jp
cVYyNlgrR1VLNWtONUJKbnVNNkJDNDlKeitxNGg3aXpKRS9Rcm9Dc0xrR2s0ODNvWDJ5b0h2L0tZa
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RHc9PSBqZGlzaGVyQGFrYWJhbmU=
modifiersName: uid=jdisher,ou=people,dc=bluekai,dc=com
modifyTimestamp: 20130724193811Z
Both keys are there, but they are bin64 encoded in a blob that openSSH does not understand.
Maybe the base64 comes from LDIF export. LAM does no encoding.
Anyway, 4.3 will have separate text fields. So this should no longer happen.
Implementation finished, will be included in 4.3.
You will also be able to upload multiple keys via file (e.g. authorized_keys).