Generalized use case for SSH

There are other non-Web cases that we are declaring out of scope, e.g. Excel macros accessing remote data repositories.

  1. Participant is enrolled in the CO
  2. Username, UID, and Home Directory assigned
    1. Initially, Home Directory could be assigned as an identifier, but probably better for it to be its own data element
  3. Unix account provisioned to LDAP (RFC 2307) (CO-863)
  4. Create a home directory and provision (CO-865)
    1. Participant rsync to push directories to remote servers?
  5. Participant uploads (CO-856) / generates (CO-857) SSH key
  6. SSH key provisioned to home directory (CO-668)
    1. rsync to push to remote servers? Same mechanism as above
    2. Or write to LDAP (CO-864)
      1. See also: Provisioning ssh keys via LDAP
  7. When Participant logs in to server, server queries LDAP for /etc/passwd attributes and sees SSH keys in home directory
  • No labels