On 02/19/2014 01:49 PM, Petr Spacek wrote:
Hello list,
I just came across this page:
http://www.gooze.eu/howto/using-openssh-with-smartcards/using-ssh-authentication-agent-ssh-add-with-smartcards
If I understand correctly, it allows you to store & use your personal
SSH keys via PKCS#11 interface.
It sounds like a killer feature to me!
Imagine that you can log-in to any machine in IPA realm and you will
have all your SSH keys with you, without any extra work.
This extends seamless SSO outside the enterprise (we have Kerberos for
inside, this doesn't change that).
Petr^2 Spacek
P.S. It is natively supported in OpenSSH v5.4p1 - we have PKCS#11
support in Fedora 20 already.
What are the implications for SSSD and IPA? What needs to be changed if
anything?
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel