
Re: LDAPS and ssh public key





--On Friday, February 14, 2020 10:41 AM +0000 Клеусов Владимир Сергеевич <Kleusov.Vladimir@wildberries.ru> wrote:

Hi

I use ldaps. Will I be able to set up authentication using the SSH
public key? I use LDAP Account Manager
(https://www.ldap-account-manager.org/lamcms/). Here
https://www.ldap-account-manager.org/static/doc/manual/ch04s02.html it says: now
you can manage your public keys for SSH in LAM if you have installed the
LPK patch for SSH or configured AuthorizedKeysCommand. What does "OR" mean?
Google says that I need to download the scheme for SSH keys and add the
script to AuthorizedKeysCommand. But in
https://code.google.com/archive/p/openssh-lpk/wikis/Main.wiki it is written: "To
use lpk you must either use standard ldap (not recommended) or LDAP +
TLS. ldaps:// URLs will not work." So in the end, SSH key + LDAPS will not
work? Or is there a way to use SSH key + LDAPS?

OpenSSH incorporated the patch with OpenSSH 6.2 or later, so patching OpenSSH is no longer necessary.

The openssh-lpk script I have can be used with ldaps w/o issue (<https://gitlab.symas.net/quanah/ldap-tools/blob/master/ssh/openssh-lpk>).

You will need to have the correct schema for SSH, such as <http://pig.made-it.com/ldap-openssh/openssh-ldap.schema>

Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
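
The AuthorizedKeysCommand approach discussed in this thread, sketched as an added example; it is not part of either message and is not the openssh-lpk script linked in the reply. The LDAP URI, base DN, the `uid` lookup attribute and the install path are assumptions; `sshPublicKey` and `ldapPublicKey` are the names defined by the openssh-lpk schema.

```shell
#!/bin/sh
# Added example: AuthorizedKeysCommand helper reading sshPublicKey over ldaps://.
# LDAP_URI, LDAP_BASE and the uid attribute are assumptions, not from the thread.
LDAP_URI="${LDAP_URI:-ldaps://ldap.example.com}"
LDAP_BASE="${LDAP_BASE:-ou=people,dc=example,dc=com}"

# Accept only conservative account names so the value can be placed in an
# LDAP filter without escaping (rejects *, (, ), \, whitespace, leading -).
valid_user() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Turn ldapsearch LDIF on stdin into one public key per line:
# join folded lines, then decode base64 ("sshPublicKey:: ") values.
extract_keys() {
    awk '
        /^ /  { buf = buf substr($0, 2); next }   # LDIF continuation line
              { if (buf != "") print buf; buf = $0 }
        END   { if (buf != "") print buf }
    ' | while IFS= read -r line; do
        case "$line" in
            "sshPublicKey:: "*) printf '%s' "${line#sshPublicKey:: }" | base64 -d; echo ;;
            "sshPublicKey: "*)  printf '%s\n' "${line#sshPublicKey: }" ;;
        esac
    done
}

lookup_keys() {
    valid_user "$1" || return 1
    # -x: simple (here anonymous) bind; -LLL: plain LDIF. TLS comes from the
    # ldaps:// URI; certificate checks come from ldap.conf (TLS_CACERT, TLS_REQCERT).
    ldapsearch -x -LLL -H "$LDAP_URI" -b "$LDAP_BASE" \
        "(&(objectClass=ldapPublicKey)(uid=$1))" sshPublicKey | extract_keys
}

# sshd_config (assumed install path):
#   AuthorizedKeysCommand /usr/local/bin/ldap-ssh-keys %u
#   AuthorizedKeysCommandUser nobody
if [ "$#" -gt 0 ]; then
    lookup_keys "$1"
fi
```

sshd requires the helper to be owned by root and not writable by group or others, and it treats an empty result as "no keys" for that user.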