You can override the SSH default path from `/home/user_name` to something else
Edit Smallstep User Profile in OKTA- From the OKTA admin, go to Directory --> Profile Editor
- Click to open the Smallstep User profile to add a new Attribute
Add a `homeDir` Attribute for mapping to SSH home directory for OKTA users
Use the following settings to add an Attribute.
🗒️ The External Name and External Namespace are specific to Smallstep. The other naming options are customizable.
Configuration Fields
- Data type = String
- Display Name = [anything you choose]
- Variable Name = [anything you choose]
- External Name = homeDir
- External Namespace = urn:scim:smallstep:ssh:schema
- Description = [anything you choose]
- Enum = [unchecked]
- Attribute Length = [unset]
- Attribute required = [optional yes]
- Scope = [optional] (help page)
- User Permission = [READ ONLY]
Map New Attribute to OKTA sync
- After the attribute is created, select Mappings and select the `OKTA User to Smallstep option`
- Add an expression that concatenates the static home directory and the user.login attribute. Many expressions can be used, but here's one: toLowerCase("/home/users/" + user.login)
- Save your Mapping and decide if you wish to push the changes now or wait for them to sync.
Test if the home path is updated when sessions begin
- From an end-user machine, rerun the configuration for step ssh
step ssh config --team [your_team_slug] --force
- SSH into a registered host and check that your entry point is updated as configured in OKTA.