On Thu, Mar 05, 2020 at 02:34:42PM -0000, Hristina Marosevic wrote: > Some more info (another prove that sssd does not derive the public key from > the user certificate): > /usr/bin/sss_ssh_authorizedkeys IIN32000000001 when I am using only > userCertificate;binary attribute (with the binary value of the certificate) > is not giving any output, while when I am using the userCertificate attribute > associated with the value of the public key (when the PKI authentication > works fine) /usr/bin/sss_ssh_authorizedkeys IIN32000000001 outputs the public > key of the user which proves the oposite situation when using public key > (wether used along with certificate or not; in cases when user certificate is > used along with public key it gets mapped in sssd but it is not validated or > compared to the public key - I already mentioned this, and the authentication > using the private/public key pair work fine which is not fine :) ) > > I am just trying to give as much information in order to solve this problem. > Sorry for the spam.
Hi, the best information would be the SSSD logs files with 'debug_level = 9'. bye, Sumit > > > BR, > Hristina > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
