DOE CODE / / PAM module for OAuth 2.0 Device flow

PAM module for OAuth 2.0 Device flow

Full Project

Abstract

This is a PAM module that lets you log in via SSH to servers using OpenID Connect credentials, instead of SSH Keys or a username and password combination. It uses the OAuth2 Device Flow, which means that during the login process, you will click a link and log in to your OpenID Connect Provider, which will then authenticate you for the SSH session. This module will then check if you're in the right group(s) or have a specified username, and allow or deny access.

Developers:: Surkont, Jarosław ; Prochazka, Michal ; Furnell, Will ; Bockelman, Brian P ; Velisek, Ondrej

Release Date:: 2020-08-13

Project Type:: Open Source, Publicly Available Repository

Software Type:: Scientific

Licenses:: Apache License 2.0

Sponsoring Org.:: USDOE

Primary Award/Contract Number:

AC02-76SF00515

Code ID:: 77691

Research Org.:: SLAC National Accelerator Laboratory (SLAC), Menlo Park, CA (United States)

Country of Origin:: United States

Citation Formats

Surkont, Jarosław, Prochazka, Michal, Furnell, Will, Bockelman, Brian P, and Velisek, Ondrej. PAM module for OAuth 2.0 Device flow. Computer Software. https://github.com/slaclab/pam_oauth2_device. USDOE. 13 Aug. 2020. Web. doi:10.11578/dc.20220727.6.

Surkont, Jarosław, Prochazka, Michal, Furnell, Will, Bockelman, Brian P, & Velisek, Ondrej. (2020, August 13). PAM module for OAuth 2.0 Device flow. [Computer software]. https://github.com/slaclab/pam_oauth2_device. https://doi.org/10.11578/dc.20220727.6.

Surkont, Jarosław, Prochazka, Michal, Furnell, Will, Bockelman, Brian P, and Velisek, Ondrej. "PAM module for OAuth 2.0 Device flow." Computer software. August 13, 2020. https://github.com/slaclab/pam_oauth2_device. https://doi.org/10.11578/dc.20220727.6.

@misc{ doecode_77691,

title = {PAM module for OAuth 2.0 Device flow},

author = {Surkont, Jarosław and Prochazka, Michal and Furnell, Will and Bockelman, Brian P and Velisek, Ondrej},

abstractNote = {This is a PAM module that lets you log in via SSH to servers using OpenID Connect credentials, instead of SSH Keys or a username and password combination. It uses the OAuth2 Device Flow, which means that during the login process, you will click a link and log in to your OpenID Connect Provider, which will then authenticate you for the SSH session. This module will then check if you're in the right group(s) or have a specified username, and allow or deny access.},

doi = {10.11578/dc.20220727.6},

url = {https://doi.org/10.11578/dc.20220727.6},

howpublished = {[Computer Software] \url{https://doi.org/10.11578/dc.20220727.6}},

year = {2020},

month = {aug}

}

RESOURCE

SAVE / SHARE

Abstract

RESOURCE

SAVE / SHARE

Citation Formats