Thanks for your reply. That's exactly what I did: use the sshPublicKey attribute from the ldapPublicKey objectClass and it works nicely. I wish this ldapPublicKey objectClass could be included by default in OpenLDAP.
Regards ML
On Wednesday, April 16, 2014 6:46 PM, Michael Ströder michael@stroeder.com wrote:
ML mail wrote:
On my already existing OpenLDAP server I would like to add an attribute in order to store SSH RSA host keys. Currently there are no such attributes (for example: sshRSAHostKey) in any standard schemas.
What would be the best strategy to add this attribute to my OpenLDAP server? Create a new objectClass? Or simply add it to another already standard objectClass such as the NIS schema?
Do you already have LDAP entries representing your host/systems? That's the really hard part.
If you already have host entries, you can simply add aux object class 'ldapPublicKey' to these entries and put the various host keys (different algorithms) in the multi-valued attribute 'sshPublicKey'.
Ciao, Michael.
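
The approach described above, as an added example that is not part of the original thread and not OpenLDAP or OpenSSH code: this Python code checks each host public key line and builds the LDIF modify record that adds the ldapPublicKey auxiliary class and one sshPublicKey value per key. The host DN, the function names and the sample keys are assumptions constructed for illustration, and the host entry is assumed to exist already.

```python
import base64


def parse_host_key(line):
    """Validate 'type base64 [comment]' and return the 'type base64' value to store."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with a uint32 length followed by the algorithm name (RFC 4253).
    name_len = int.from_bytes(blob[:4], "big")
    if len(blob) < 4 or blob[4:4 + name_len] != key_type.encode("ascii"):
        raise ValueError("declared type %r does not match key blob" % key_type)
    # The comment field is dropped, so the stored value is plain ASCII and LDIF-safe.
    return "%s %s" % (key_type, b64)


def host_keys_to_ldif(host_dn, key_lines):
    """Build an LDIF modify record adding ldapPublicKey and one sshPublicKey per key."""
    values = []
    for line in key_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        value = parse_host_key(line)
        if value not in values:  # a duplicate value would make the whole modify fail
            values.append(value)
    if not values:
        raise ValueError("no host keys given")
    out = ["dn: " + host_dn, "changetype: modify",
           "add: objectClass", "objectClass: ldapPublicKey", "-",
           "add: sshPublicKey"]
    out += ["sshPublicKey: " + v for v in values] + ["-"]
    return "\n".join(out) + "\n"


def sample_key(key_type, comment="root@web01"):
    """Constructed sample line: correct framing, filler bytes instead of a real key."""
    name = key_type.encode("ascii")
    blob = len(name).to_bytes(4, "big") + name + b"\x00" * 32
    return "%s %s %s" % (key_type, base64.b64encode(blob).decode("ascii"), comment)


if __name__ == "__main__":
    # Hypothetical host DN, constructed for this example.
    lines = [sample_key("ssh-rsa"), sample_key("ssh-ed25519")]
    print(host_keys_to_ldif("cn=web01,ou=hosts,dc=example,dc=org", lines), end="")
```

The output can be fed to ldapmodify. If the entry already carries ldapPublicKey, remove the objectClass change from the record, since adding a value that is already present is rejected.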