It looks like Vault is the functionality I was looking for. Thank you Rob and Dmitri for your responses.
Regards, Andrey On 4/8/15, 5:59 PM, "Rob Crittenden" <rcrit...@redhat.com> wrote: >Andrey Ptashnik wrote: >> Hello Team, >> >> I know that FreeIPA server supports management of public keys for each >> user and it is a very convenient feature. >> Are there any possible way to manage private keys as well including >> features like re-issuing the key pair if it gets compromised? > >I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out >and AFAIK no plans to do this. > >There are plans for a Key Recovery vault which can store a private key, >see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in >the case of compromise but it does mean that keys aren't lost. > >rob > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project