Configure custom PIV slot for hardware key support#31732
Merged
Conversation
github-actions
Bot
added
size/md
tsh
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
3 times, most recently
from
5e73ce0 to
1c50d89
Compare
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
from
9c2adad to
f2ac3e0
Compare
Joerger
changed the title
tsh --piv-slot
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
from
f2ac3e0 to
3504aa1
Compare
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
from
582b9cf to
7aeaa0d
Compare
ravicious
reviewed
Sep 20, 2023
Member
ravicious
left a comment
ravicious
left a comment
There was a problem hiding this comment.
I didn't manage to get through the whole PR today, I'll continue the review tomorrow.
Contributor
Author
Thanks Rafael, this PR grew larger than I intended. I'll try splitting it up into 1 or 2 more PRs for easier review. |
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
from
e41df61 to
b6cbf9b
Compare
Joerger
changed the base branch from
master
to
joerger/custom-piv-slot-base
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
3 times, most recently
from
4b9a235 to
8060194
Compare
ravicious
approved these changes
Sep 21, 2023
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
2 times, most recently
from
3c36c37 to
a3a1509
Compare
Joerger
changed the base branch from
joerger/custom-piv-slot-base
to
joerger/piv-client-side-attestation
Joerger
force-pushed
the
joerger/piv-client-side-attestation
branch
from
97d3f06 to
550cf20
Compare
Base automatically changed from
joerger/piv-client-side-attestation
to
master
September 29, 2023 00:27
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
2 times, most recently
from
f660dbc to
bdccdc6
Compare
Contributor
Author
Joerger
force-pushed
the
joerger/custom-piv-slot
branch
from
bece00f to
f8b0b73
Compare
Contributor
Author
jakule
approved these changes
Oct 10, 2023
public-teleport-github-review-bot
Bot
removed request for
flyinghermit,
tcsc and
zmb3
Joerger
added a commit
that referenced
this pull request
Oct 12, 2023
* Update RFD. * Add custom PIV slot logic. * Add custom piv slot to cluster auth preference. * Fix error handling of parsing private key policy errors. * Add new PIVSlot string type.
Joerger
added a commit
that referenced
this pull request
Oct 14, 2023
* Update RFD. * Add custom PIV slot logic. * Add custom piv slot to cluster auth preference. * Fix error handling of parsing private key policy errors. * Add new PIVSlot string type.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add support for configuring a custom PIV slot for hardware key support through client or server settings:
tsh --piv-slot=9dorTELEPORT_PIV_SLOT=9d tshteleport.auth_service.authentication.piv_slot: 9acluster_auth_preference.piv_slot: 9aOther changes:
e PR: https://github.com/gravitational/teleport.e/pull/2191
Follow up PR: #32275