Keycloak PAM
QuentinN42 4c35bbd789
feat: remove the oidc file
1 year ago





The servers are the following:

  • keycloak : The authentication server
  • mysql : Backend storage for keycloak
  • serv1 : a simple server
  • serv2 : another server

The users are the following:

  • admin : admin user for keycloak
  • user1 : a user that can only access serv1
  • user2 : a user that can only access serv2
  • user3 : a user that can access both serv1 and serv2


Install Insomnia and import the Insomnia.json file into the app. Go to the keycloak server and log in as admin. Then go to the clients and export the Keycloak OIDC JSON from the Installation tab into the Insomnia environments.

Setup a server

We will virtualise servers using LXC.

lxc-create -t download -n serv1 -- --no-validate --dist debian --release bullseye --arch amd64

Now you can attach to it and install the dependencies:

lxc-start -n serv1
lxc-attach -n serv1 -- bash -c ' \
    apt update && \
    apt install -y git ansible && \
    git clone /root/SR2I204 && \
    cd /root/SR2I204/server/ansible && \
    ansible-playbook install.yml'

Then look up the container's IP address and try to connect over SSH:

lxc-attach -n serv1 ip a
ssh root@<ip>