Hi, On 11.6.2014 16:11, Daniel Jung wrote:
According to the doc, In order to manage user keys, SSSD has a tool, |sss_ssh_authorizedkeys|, which performs two operations:1. Retrieves the user's public key from the user entries in the Identity Management (IPA) domain. 2. Stores the user key in a custom file, |.ssh/sss_authorized_keys|, in the standard authorized keys format.
The documentation is not correct, see <https://bugzilla.redhat.com/show_bug.cgi?id=985809>.
So i can get the sss_ssh_authorizedkeys to spit out the publickey, and can auth using it via sshd, however, I do not see .ssh/sss_authorized_keys being created under users directory. I even tried creating the file and see if it gets updated. Don't see anything obvious in the ssh_config that would indicate adding authorized_keys. Anyone?
You need to set AuthorizedKeysCommand to /usr/bin/sss_ssh_authorizedkeys in sshd_config, ssh_config is not related. See sss_ssh_authorizedkeys man page for more information.
Honza -- Jan Cholasta _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
