2013/3/19 Jakub Hrozek <[email protected]> > On Tue, Mar 19, 2013 at 01:56:20PM -0400, Mathieu Lemoine wrote: > > Hello, > > > > I have sssd 1.9.4 (from > > https://launchpad.net/~nicholas-hatch/+archive/auth/+packages) > configured > > on an OpenLDAP server. > > getent passwd, getent group, authentication and cache is working great. > > > > My issue now lies with the SSH public key. > > > > My user has the ldapPublicKey objectClass, and the key is in the > > sshPublicKey attribute. > > > > sss_ssh_authorizedkeys is still returning "Error looking up public keys". > > An inquiry on the #sssd chan directed me to this mailing-list and more > > precisely to jcholast, I tried to check out the commits, but nothing > seems > > to get out of it... > > Full disclosure: I was the one who redirected Mathieu to you, Honza :-) > > > > > If any of you had informations regarding that, it'd be greatly > appreciated., > > Mathieu. > > I think as a first step, it would be nice to put debug_level=8 into the > [ssh] section of the sssd.conf file, restart the SSSD and then attach > the ssh responder logs (/var/log/sssd/sssd_nss.log). > > Also the sssd.conf (sanitized if needed) would come handy. >
The sssd.conf is simple enough (I attached a cleaned version, I only changed the domain name and dc=* records for "office", anyway, authentication and getent are working just fine, so the connection to my LDAP is not the issue). Regarding the logs, with debug_level 10, I can see nothing related to ssh in sssd_nss.log. However, I have the following lines in sssd_office.log: (Tue Mar 19 14:21:11 2013) [sssd[be[office]]] [sdap_attrs_add_ldap_attr] (0x2000): sshPublicKey is not available for [mlemoine]. (Got one per user every ten seconds) However, sshPublicKey is in my user (mlemoine), which is also the only user with an sshPublicKey attribute. Did I miss something? Thanks for your help.
sssd.conf
Description: Binary data
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
