--On Friday, February 14, 2020 10:41 AM +0000 Клеусов Владимир Сергеевич Kleusov.Vladimir@wildberries.ru wrote:
Hi
I use ldaps . Will I be able to set up authentication using the SSH public key ? I use LDAP account Manager (https://www.ldap-account-manager.org/lamcms/) Here https://www.ldap-account-manager.org/static/doc/manual/ch04s02.html now You can manage your public keys for SSH in Lam if you have installed the LPK patch for SSH or configured AUTHORIZEDKEYSCOMMAND& What does OR mean ? Google says that i need to download the scheme for SSH keys and add the script to AUTHORIZEDKEYSCOMMAND. But in https://code.google.com/archive/p/openssh-lpk/wikis/Main.wiki written To use lpk you must either use standard ldap (not recommended) or LDAP + TLS. ldaps:// URLs will not work. So in the end ssh key +LDAPS will not work ? Or is there a way to use ssh key +LDAPS ?
OpenSSH incorporated the patch with OpenSSH 6.2 or later, so patching OpenSSH is no longer necessary.
The openssh-lpk script I have can be used with ldaps w/o issue (https://gitlab.symas.net/quanah/ldap-tools/blob/master/ssh/openssh-lpk).
You will need to have the correct schema for SSH, such as http://pig.made-it.com/ldap-openssh/openssh-ldap.schema
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com