Andrey Ptashnik wrote:
> Hello Team,
> 
> I know that FreeIPA server supports management of public keys for each
> user and it is a very convenient feature.
> Are there any possible way to manage private keys as well including
> features like re-issuing the key pair if it gets compromised?

I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out
and AFAIK no plans to do this.

There are plans for a Key Recovery vault which can store a private key,
see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in
the case of compromise but it does mean that keys aren't lost.

rob

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to