On Sat, Dec 08, 2018 at 08:09:09PM +0200, George Diamantopoulos wrote: > Hello all, > > I've been trying (and failing) to configure sssd to use LDAP to retrieve > hosts' public SSH keys. I'd like to ask if this is possible with LDAP at > all, or this feature is only supported with FreeIPA. > > If yes, what search filter does sssd use to lookup keys in LDAP? I'm using > the sshPublicKey attribute for both people and machines in my LDAP schema, > but I can't figure out what attribute is checked to determine the hostname.
For the hostname the attribute 'fqdn' is used, please see the ldap_host_* options described in man sssd-ldap for details. You can find the search filters and search bases in the domain log if you add 'debug_level=6' (or higher) to the [domain/...] section of sssd.conf. HTH bye, Sumit > > User ssh public key retrieval works fine in my configuration. I'm using > sssd 1.15 which ships with debian stretch. > > Thanks! > > BR, > George > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
