[Freeipa-users] Re: Get user ssh key instead of fingerprint.
Yes, This is what I needed. Thank You guys :) Best Maciej On Tue, Jan 16, 2018 at 11:08 AM, Sumit Bose via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > On Tue, Jan 16, 2018 at 10:53:21AM +0100, Maciej Drobniuch via > FreeIPA-users wrote: > > Hi all. > > > > Is there any way to get the user's ssh key (not fingerprint) via console? > > if the key is store in IPA you can get the full key with > > ipa user-show --all username > > or > sss_ssh_authorizedkeys username > > The latter might show ssh keys from idoverrides or derived from user > certificates as well. > > HTH > > bye, > Sumit > > > > > Maybe LDAP? > > > > Or only via a https request ? > > > > Thanks > > > > -- > > Best regards > > > > Maciej Drobniuch > > Network Security Engineer > > Collective-Sense,LLC > > > ___ > > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > > To unsubscribe send an email to freeipa-users-leave@lists. > fedorahosted.org > ___ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > -- Best regards Maciej Drobniuch Network Security Engineer Collective-Sense,LLC ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: Get user ssh key instead of fingerprint.
On ti, 16 tammi 2018, Maciej Drobniuch via FreeIPA-users wrote: Hi all. Is there any way to get the user's ssh key (not fingerprint) via console? Maybe LDAP? Or only via a https request ? Do you mean a public ssh key associated with a user with the help of 'ipa user-mod foo --sshpubkey=...'? An easiest way to read the keys would be using 'sss_ssh_authorized_keys' utility: $ sss_ssh_authorizedkeys admin ssh-rsa B -- / Alexander Bokovoy ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: Get user ssh key instead of fingerprint.
On Tue, Jan 16, 2018 at 10:53:21AM +0100, Maciej Drobniuch via FreeIPA-users wrote: > Hi all. > > Is there any way to get the user's ssh key (not fingerprint) via console? if the key is store in IPA you can get the full key with ipa user-show --all username or sss_ssh_authorizedkeys username The latter might show ssh keys from idoverrides or derived from user certificates as well. HTH bye, Sumit > > Maybe LDAP? > > Or only via a https request ? > > Thanks > > -- > Best regards > > Maciej Drobniuch > Network Security Engineer > Collective-Sense,LLC > ___ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org