From fb3d62de2b309867a2537bb88f445be9ee3e232c Mon Sep 17 00:00:00 2001
From: KissT <github@kisst.net>
Date: Wed, 17 Jan 2018 09:54:30 +0000
Subject: [PATCH] speed up not controled user authentication

---
 authorized_keys_command.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/authorized_keys_command.sh b/authorized_keys_command.sh
index eced80c..d4c8002 100755
--- a/authorized_keys_command.sh
+++ b/authorized_keys_command.sh
@@ -12,6 +12,13 @@ fi
 # instance you use this script runs in another.
 : ${ASSUMEROLE:=""}
 
+# Special group to mark users as being synced by our script
+: ${LOCAL_MARKER_GROUP:="iam-synced-users"}
+
+if ! getent group "${LOCAL_MARKER_GROUP}" | grep &>/dev/null "\b$1\b"; then
+  exit 1
+fi
+
 if [[ ! -z "${ASSUMEROLE}" ]]
 then
   STSCredentials=$(aws sts assume-role \