2013/3/20 Jan Cholasta <jchol...@redhat.com> > On 20.3.2013 14:02, Pavel Březina wrote: > >> On 03/20/2013 01:16 PM, Jakub Hrozek wrote: >> >>> On Wed, Mar 20, 2013 at 08:12:33AM -0400, Simo Sorce wrote: >>> >>>> On Wed, 2013-03-20 at 10:19 +0100, Pavel Březina wrote: >>>> >>>>> >>>>> Hi, >>>>> I'm afraid we support ssh keys only with IPA backend at the moment. >>>>> >>>>> >>>> Should we open a RFE to make it available with other backends too ? >>>> >>>> >>> This is already part of >>> https://fedorahosted.org/sssd/**ticket/1560<https://fedorahosted.org/sssd/ticket/1560>it >>> seems: >>> >>> """ >>> In the LDAP provider, ldap_user_ssh_public_key has no default value. >>> Make sshPublicKey the default value for it, so that OpenSSH-LPK support >>> is enabled by default. >>> """ >>> >> >> This sounds more like it should work with LDAP provider if you set >> ldap_user_ssh_public_key to sshPublicKey. >> > > Yes, it should. > > > But we don't have any support >> whatsoever. We lack sssm_ldap_hostid_init(). >> > > This is completely irrelevant for user public keys support. > > Honza > > -- > Jan Cholasta >
Hello, Thanks for all the messages. I did add the ldap_user_public_key to sssd.conf, but it doesn't seem to change anything. In fact, sshPublicKey isn't even requested during the ldap_search_ext/sdap_get_generic_ext_step call. I tried to find information on IPA backend, but it seems quite unclear what this would be. Attached is an up-to-date sanitized sssd.conf. If you have any other insight, I'd be glad to test them or provide additional informations. Mathieu.
sssd.conf
Description: Binary data
_______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users
