Monday, May 26, 2014

[389-users] Schema for sss_ssh_authorizedkeys

I'm attempting to manage user ssh authorized keys in 389 with clients using SSSD.  I came across the RHEL docs [1] regarding the sss_ssh_authorizedkeys application but I do not see mention of the expected attributes for a user account to use this method.   Does 389 include the necessary schema?  If so, what attributes should I look into?  If the schema does not exist, is there a place I can reference to see how FreeIPA implements the schema to then add as a custom schema to my 389 instance?

I realize FreeIPA contains this functionality but I can not use FreeIPA because our authentication is provided by our campus' Kerberos realm and we use 389 PAM pass through plugin to authenticate users.  As far as I'm aware this functionality cannot be used in FreeIPA without OTP which is not available in EL6 or EL7.

Thanks,
- Trey

[1] https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/openssh-sssd.html

No comments:

Post a Comment