Ok, I've installed openldap from the Ubuntu repos and have installed phpldapadmin, but I can't see how to add an ssh key...
What am I missing?

On Tue, May 7, 2013 at 5:38 PM, Kwame Bahena <[email protected]> wrote:

> Yes, ssh public key can be stored in OpenLDAP and then when a user
> attempts to log in to a server using ssh + ldap authentication, the server
> will query ldap for the user's private key and pair it up with the user's
> public key.
>
> Cheers!
> --
> Dan
>
> On Tue, May 7, 2013 at 11:05 AM, Vishesh kumar <[email protected]> wrote:
>
>> I think here "User Information" will be fetched from ldap. Openssh will
>> use library calls for getting ldap user information same as it does for
>> users in /etc/passwd. Key based authentication will work in the normal way but
>> interested to see if the key can be stored on the ldap server.
>>
>> Regards,
>> Vishesh Kumar
>> http://linuxmantra.com
>>
>> On Tue, May 7, 2013 at 8:43 PM, Kwame Bahena <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> Yes, you would only need to install openssh server on the OpenLDAP
>>> server if you want your users to connect to this server via ssh.
>>>
>>> Cheers!
>>> --
>>> Dan
>>>
>>> On Tue, May 7, 2013 at 9:42 AM, Stuart Watson <[email protected]> wrote:
>>>
>>>> At the moment this is still in the planning stage. It's all Ubuntu
>>>> 10.04 LTS onwards.
>>>>
>>>> Is it possible to do this without installing openssh server on the
>>>> OpenLDAP server?
>>>>
>>>> On Tue, May 7, 2013 at 3:26 PM, Kwame Bahena <[email protected]> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Your plan sounds accurate:
>>>>>
>>>>> 1. Yes
>>>>> 2. Yes
>>>>> 3. If you want your users to connect to the OpenLDAP server via ssh,
>>>>> then yes, you need to install ssh server on that box
>>>>> 4. Yes
>>>>>
>>>>> What have you done so far? Which distro are you using?
>>>>>
>>>>> Cheers!
>>>>> --
>>>>> Dan
>>>>>
>>>>> On Tue, May 7, 2013 at 4:21 AM, Stuart Watson <[email protected]> wrote:
>>>>>
>>>>>> Hi
>>>>>>
>>>>>> I am looking at creating an SSH gateway using OpenLDAP. The idea is
>>>>>> to store our devs' public keys in OpenLDAP, which would give us the
>>>>>> ability to control who has SSH access to our servers.
>>>>>>
>>>>>> Currently everyone shares the same key which means it is impossible
>>>>>> to control access.
>>>>>>
>>>>>> Do I just need to...
>>>>>>
>>>>>> Install OpenLDAP
>>>>>> Import the public keys into OpenLDAP
>>>>>> Install OpenSSH Server on the OpenLDAP server and configure it to use
>>>>>> LDAP.
>>>>>> Configure the remote servers to use the OpenLDAP servers to
>>>>>> authenticate
>>>>>>
>>>>>> Then the devs can ssh from their computers through the OpenLDAP server
>>>>>> to the remote servers.
>>>>>>
>>>>>> Can anyone help?
>>>>>>
>>>>>> Thanks
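
Added example, not part of the original thread: a sketch of the lookup side of the setup discussed above, turning an LDAP search result into `authorized_keys` lines while rejecting anything that is not a well-formed public key. It assumes keys are stored in an `sshPublicKey` attribute (the openssh-lpk schema convention) and that the input is `ldapsearch`-style LDIF text; the function names, directory entry and keys are constructed for illustration.

```python
import base64
import re

KEY_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}

def is_public_key(line):
    """Accept '<type> <base64 blob> [comment]' only if the blob names the same type."""
    parts = line.split()
    if len(parts) < 2 or parts[0] not in KEY_TYPES:
        return False  # this also rejects PEM private-key text
    try:
        blob = base64.b64decode(parts[1], validate=True)
    except ValueError:
        return False
    n = int.from_bytes(blob[:4], "big")  # wire format: length-prefixed type name
    return blob[4:4 + n] == parts[0].encode()

def keys_from_ldif(ldif):
    """Return valid public keys from sshPublicKey attributes in LDIF search output."""
    keys = []
    for line in re.sub(r"\r?\n ", "", ldif).splitlines():  # unfold continuation lines
        attr, sep, value = line.partition(":")
        if not sep or attr.lower() != "sshpublickey":
            continue
        if value.startswith(":"):  # 'attr:: value' means the value is base64-encoded
            try:
                value = base64.b64decode(value[1:]).decode("utf-8", "replace")
            except ValueError:
                continue
        if is_public_key(value.strip()):
            keys.append(value.strip())
    return keys

def sample_key(comment):
    """Constructed, non-functional ed25519-shaped key (all-zero key bytes)."""
    t = b"ssh-ed25519"
    blob = len(t).to_bytes(4, "big") + t + (32).to_bytes(4, "big") + bytes(32)
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)

def sample_ldif():
    """Constructed search result: one plain key, one folded base64 key, one bad value."""
    k2 = base64.b64encode(sample_key("dev1@desktop").encode()).decode()
    return "\n".join(["dn: uid=dev1,ou=people,dc=example,dc=com", "uid: dev1",
                      "sshPublicKey: " + sample_key("dev1@laptop"),
                      "sshPublicKey:: " + k2[:60], " " + k2[60:],
                      "sshPublicKey: -----BEGIN OPENSSH PRIVATE KEY-----"])

if __name__ == "__main__":
    print("\n".join(keys_from_ldif(sample_ldif())))  # authorized_keys-format lines
```

On OpenSSH 6.2 and later, sshd can run a helper of this kind through the `AuthorizedKeysCommand` option, so the directory only ever needs to hold public keys.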
