On Tue, 2011-08-02 at 16:27 -0400, Dmitri Pal wrote:
> On 08/02/2011 02:15 PM, Ian Stokes-Rees wrote: 
> > Is there some mechanism to store private keys (e.g. ssh, pgp, gpg,
> > X.509) in FreeIPA, tied to a user account, so only the user (via
> > kerb token or with password prompt) can fetch the token?
> > 
> > If FreeIPA doesn't make this possible, can anyone suggest a good
> > mechanism to have, effectively, a user keystore that would sync
> > passwords with FreeIPA nicely.  I am thinking, in particular, of the
> > scenario where users forget their password -- we'd strongly prefer
> > to just reset it for them (24 hours, one login) in a way that didn't
> > mean also re-issuing all passphrase-secured identity tokens.
> > 
> 
> Not now however:
> https://fedorahosted.org/freeipa/ticket/754
> https://fedorahosted.org/freeipa/ticket/237
> https://fedorahosted.org/freeipa/ticket/521

Replaced the last one with: https://fedorahosted.org/freeipa/ticket/1560

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to