My client is implementing HiPAM (or Hitachi ID) for production systems.
One requests temporary access to machines in a certain group, and can, upon approval, access them either via an ssh-client inside the browser, or by launching PuTTY from the browser.
This (kind of) works for interactive access to individual systems, which is the only use-case the people in charge have considered.
However, I need to be able to access dozens of machines via Ansible -- which means, my OpenSSH client needs to be able to use whatever credentials HiPAM issues.
How would I do that? I suspect -- but am not sure -- that Hitachi are using Kerberos in some way, but cannot figure out, which way it is...
