Hello,

Today, in sshportal, a user with admin right is administrator of the entire sshportal instance.

In the context of a shared use of sshportal, it could be interesting to be able to declare that a user can be administrator of one or more hostgroups, and one or more usergroups. It would also be particularly useful for use in the cloud linked with automation tools, where hosts can appear or disappear without the sshportal super administrator knowing.

Thus, the super administrator of sshportal could delegate to a dedicated user the management of access to a given hostgroup and/or a given usergroup.

This administrator by delegation should be able to:

• manage the hosts of the hostgroup of which he is an administrator (create, inspect, ls and rm)

• manage the users of the usergroup of which he is an administrator (invite, inspect, ls, rm and update)

• manage keys for his perimeter of responsability (maybe this point is the more difficult)

What do you think ?

Thanks !