[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: storing SSH keys in LDAP



In message <CEDF56071C90D611B8B000508BE9001C02CA3B4C@CAROLUS> on Thu, 6 Mar 2003 10:34:28 +0100 , Rob De Langhe <rob.delanghe@telindus.be> said:

rob.delanghe> I managed to load a new user into the LDAP dbase with a
rob.delanghe> "userCertificate" attribute specified in the input LDIF file :
rob.delanghe> 
rob.delanghe> dn: uid=james,dc=...
rob.delanghe> objectclass: posixAccount
rob.delanghe> objectClass: inetOrgPerson
rob.delanghe> ...
rob.delanghe> usercertificate; binary:: <the certificate from the user's
rob.delanghe> $HOME/.ssh/id_dsa.pub" file>
rob.delanghe> ...

You do know, I hope, that the userCertificate attribute is mean to
hold a X.509/PKIX certificate, not just a public key, right?

-- 
Richard Levitte   \ Spannvägen 38, II \ LeViMS@stacken.kth.se
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- poei@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.