Closed sssd-bot closed 4 years ago
This is still an issue as of 2.8.1-1.el8 on CentOS Stream 8.
I was following the bread crumbs in https://github.com/389ds/389-ds-base/issues/2484 to add nsSshPublicKey
attributes for my users in 389-ds 1.4.x and couldn't figure out how to make SSSD see them. After learning about ldap_user_ssh_public_key
in this issue, but also not finding it in any SSSD man page, I grepped the source tree to confirm that it still existed.
After adding those to my sssd.conf
, restarting sssd, and clearing my user cache I am able to see my user's SSH public key:
# /usr/bin/sss_ssh_authorizedkeys aorth
ssh-ed25519 AAAAC3NzaC... aorth@wooo
So this definitely needs to be added to the man page.
This attribute is mentioned in man sssd-ldap-attributes
.
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3286
On RHEL6, the man page sssd-ldap says:
But if ldap_user_ssh_public_key is not explicitly defined in sssd.conf, SSSD does not read SSH keys from AD even if the key is stored in attribute sshPublicKey. It should probably be noted that the default for ad provider is null.
Comments
Comment from jhrozek at 2017-02-02 16:12:11
I would actually suggest to not do this, but rather offer the admin the opportunity to display the current mappings via sssctl config-show. See ticket https://fedorahosted.org/sssd/ticket/3157
Comment from jhrozek at 2017-02-02 16:14:19
Fields changed
rhbz: => 0
Comment from jhrozek at 2017-02-08 22:29:41
Since there were no complains, let's close this ticket as a duplicate of #3157
resolution: => duplicate status: new => closed
Comment from vojamo at 2017-02-24 15:05:52
Metadata Update from @vojamo: