Andrey Ptashnik wrote:
> Hello Team,
> I know that FreeIPA server supports management of public keys for each
> user and it is a very convenient feature.
> Are there any possible way to manage private keys as well including
> features like re-issuing the key pair if it gets compromised?
I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out
and AFAIK no plans to do this.
There are plans for a Key Recovery vault which can store a private key,
see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in
the case of compromise but it does mean that keys aren't lost.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project