Have a nice day, everyone
Help please, I want to make a permission with the ability to read/write the
ipatokenotpkey attribute. I can read this attribute as an admin via the API
without any problems. I tried adding this permission in different ways
through the freeipa web interface, I tried
Alexander Bokovoy via FreeIPA-users wrote:
> On Wed, 15 Nov 2023, John Phillips via FreeIPA-users wrote:
>> Thanks for the response Alexander, it sounds like it will be a while
>> before FreeIPA or IdM gets full support for HSM or TPM.
>>
>> I may try using
On Wed, 15 Nov 2023, John Phillips via FreeIPA-users wrote:
Thanks for the response Alexander, it sounds like it will be a while
before FreeIPA or IdM gets full support for HSM or TPM.
I may try using https://github.com/tpm2-software/tpm2-pkcs11 and if I
make any progress I will feedback here
Thanks for the response Alexander, it sounds like it will be a while before
FreeIPA or IdM gets full support for HSM or TPM.
I may try using https://github.com/tpm2-software/tpm2-pkcs11 and if I make any
progress I will feedback here
On Wed, 15 Nov 2023, John Phillips via FreeIPA-users wrote:
As most servers, physical and virtual are now equipped with a TPM, are
there any plans to leverage this to store keys for FreeIPA?
We have a use-case where freeipa is a sub-ca and the root-ca will sign
our cert. Ideally we would like
As most servers, physical and virtual are now equipped with a TPM, are there
any plans to leverage this to store keys for FreeIPA?
We have a use-case where freeipa is a sub-ca and the root-ca will sign our
cert. Ideally we would like to store the private keys in TPM - specifically AWS
NitroTPM
On Wed, Nov 15, 2023 at 11:11:44AM +0200, Alexander Bokovoy via FreeIPA-users
wrote:
> On Wed, 15 Nov 2023, Sam Morris via FreeIPA-users wrote:
> > I've just installed a Fedora 39 system and joined it to my IPA domain.
> >
> > I've found that when an IPA user connects with SSH, they can't launch
On Wed, 15 Nov 2023, Sam Morris via FreeIPA-users wrote:
I've just installed a Fedora 39 system and joined it to my IPA domain.
I've found that when an IPA user connects with SSH, they can't launch
podman rootless containers, nor can they create scope units.
Local users are unaffected, hence I
I've just installed a Fedora 39 system and joined it to my IPA domain.
I've found that when an IPA user connects with SSH, they can't launch
podman rootless containers, nor can they create scope units.
Local users are unaffected, hence I thought I'd post here in the hope
that someone else can