Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11134

Amster: Remove the 'from' option in authorized_keys

    XMLWordPrintable

    Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 14.0.0
    • 7.0.0
    • Amster
    • Rank:
      1|hzu06f:

      Description

      "Procedure 2.2. To Connect Locally With the Default Key Pair" should mention that the "from" parameter in the authorized_keys file may need to be edited, depending on network configuration.
      https://backstage.forgerock.com/docs/amster/5/user-guide/chap-user-getting-started#default-private-login

      Connecting locally with the default keypair, e.g.
      connect --private-key /home/fr/openam/amster_rsa http://am5.example.com:8080/openam

      Works fine as long as the connection takes place through the loopback interface since OpenAM creates an authorized_keys entry with "from="127.0.0.1/24,::1"

      If another interface is used, the "from" needs to be edited to take this into account, otherwise amster fails with:
      [code:401, reason:Unauthorized, message:Authentication Failed]

        Attachments

          Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. OPENAM-13215 Step Required for Amster Private Key Connections

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          relates to

          Task - A task that needs to be done. OPENAM-11881 Document from issue in Amster 5.5

          • Major - Major loss of function.
          • Resolved

            Activity

              People

              emma.rumsey Emma Rumsey
              andrew.dunn Andrew Dunn [X] (Inactive)
              Votes:
              5 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: