It looks like Vault is the functionality I was looking for.
Thank you Rob and Dmitri for your responses.
On 4/8/15, 5:59 PM, "Rob Crittenden" <rcrit...@redhat.com> wrote:
>Andrey Ptashnik wrote:
>> Hello Team,
>> I know that FreeIPA server supports management of public keys for each
>> user and it is a very convenient feature.
>> Are there any possible way to manage private keys as well including
>> features like re-issuing the key pair if it gets compromised?
>I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out
>and AFAIK no plans to do this.
>There are plans for a Key Recovery vault which can store a private key,
>see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in
>the case of compromise but it does mean that keys aren't lost.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project