Re: attribute for storing SSH RSA host keys
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: Re: attribute for storing SSH RSA host keys
- From: ML mail <mlnospam@yahoo.com>
- Date: Wed, 16 Apr 2014 10:34:45 -0700 (PDT)
- In-reply-to: <534EB3D3.804@stroeder.com>
- References: <1397640920.30162.YahooMailNeo@web162501.mail.bf1.yahoo.com> <534EB3D3.804@stroeder.com>
Thanks for your reply. That's exactly what I did: use the sshPublicKey attribute from the ldapPublicKey objectClass and it works nicely. I wish this ldapPublicKey objectClass could be included by default in OpenLDAP.
Regards
ML
On Wednesday, April 16, 2014 6:46 PM, Michael Ströder <michael@stroeder.com> wrote:
ML mail wrote:
> On my already existing OpenLDAP server I would like to add an attribute in
> order to store SSH RSA host keys. Currently there are no such attributes
> (for example: sshRSAHostKey) in any standard schemas.
>
> What would be the best strategy to add this attribute to my OpenLDAP
> server? Create a new objectClass? or simply add it to another already
> standard objectClass such as the NIS schema?
Do you already have LDAP entries representing your hosts/systems? That's the really
hard part.
If you already have host entries, you can simply add the aux object class
'ldapPublicKey' to these entries and put the various host keys (different
algorithms) in the multi-valued attribute 'sshPublicKey'.
Ciao, Michael.
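
The approach described in the reply above, as an added example that is not part of either poster's message: it builds the LDIF modify record that adds the aux object class 'ldapPublicKey' and one 'sshPublicKey' value per host key, after checking that the algorithm named on each key line matches the one encoded inside the key blob. Assumptions: the schema defining ldapPublicKey is already loaded on the server, the entry DN is a made-up example, and the key material is constructed filler rather than real keys.

```python
import base64
import struct


def key_type_in_blob(b64: str) -> str:
    """Return the algorithm name stored as the first string of an SSH key blob."""
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if n == 0 or 4 + n > len(blob):
        raise ValueError("bad length prefix in key blob")
    return blob[4:4 + n].decode("ascii")


def host_key_ldif(dn: str, pubkey_lines: list[str]) -> str:
    """LDIF modify record: add aux class ldapPublicKey plus one sshPublicKey per key."""
    values = []
    for line in pubkey_lines:
        fields = line.split()
        if len(fields) < 2:
            raise ValueError(f"not a public key line: {line!r}")
        algo, b64 = fields[0], fields[1]  # trailing comment field is dropped
        if key_type_in_blob(b64) != algo:
            raise ValueError(f"declared type {algo} does not match key blob")
        values.append(f"{algo} {b64}")
    if not values:
        raise ValueError("no host keys given")
    out = [f"dn: {dn}", "changetype: modify",
           "add: objectClass", "objectClass: ldapPublicKey", "-",
           "add: sshPublicKey"]
    out += [f"sshPublicKey: {v}" for v in values]
    return "\n".join(out + ["-"]) + "\n"


def constructed_key(algo: str, *fields: bytes) -> str:
    """Build a structurally valid but meaningless key line for the demo."""
    blob = b"".join(struct.pack(">I", len(f)) + f for f in (algo.encode(), *fields))
    return f"{algo} {base64.b64encode(blob).decode()} root@www1"


# Constructed sample input; the DN is an assumed example entry.
SAMPLE_DN = "cn=www1,ou=hosts,dc=example,dc=com"
SAMPLE_KEYS = [
    constructed_key("ssh-ed25519", bytes(32)),
    constructed_key("ssh-rsa", b"\x01\x00\x01", b"\x00" + bytes([0xC3]) * 256),
]

if __name__ == "__main__":
    print(host_key_ldif(SAMPLE_DN, SAMPLE_KEYS), end="")
```

If the entry already carries the ldapPublicKey object class, the first `add` in the record will be rejected by the server and should be left out.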