I want to be able to manage all my users' logins via OpenLDAP.
I am using CentOS 5.3, OpenSSH 4.3p2-42 and OpenLDAP 2.3.43.
I have installed GOsa2.
Is there a GOsa plugin to manage the SSH keys in LDAP?
I came across the openssh-lpk patch but it applies against a newer OpenSSH. I don't want to break my server. Is there a yum repository available with this patch applied? Do I even need it?
How can I get OpenSSH to query the LDAP server for the keys?
Can I configure PAM to do this somehow?
Advice is appreciated.
Thanks
Best Answer
I have struggled with this one as well for some time. Firstly, check that the version of OpenSSH is >6.2, then the syntax of the sshpublickey from GOsa.
I had it on Debian 7.7, then did a dist-upgrade to Debian 8 to get the latest OpenSSH features.
Do
If you have added it with GOsa it will probably say something like
This is because it is getting hashed in some way that I haven't figured out yet, but you can add this manually by creating a file called e.g. sshkey.ldif and adding the following content
Then modify it with ldapmodify
My entries looked like this with GOsa and with ldapmodify
Then take a look here ldap-ssh-key
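Added example, not part of the answer above: one way to carry out the "check the syntax of the sshpublickey" step is to run the directory's LDIF output through a small checker. The attribute name `sshPublicKey`, the sample entry and the all-zero test key are constructed assumptions; LDIF marks a base64-encoded value with `::`, which the parser decodes before validating the key line.

```python
import base64
import struct

def ldif_values(ldif_text, attr="sshPublicKey"):
    """Return the decoded values of `attr` found in LDIF text."""
    lines = []
    for raw in ldif_text.splitlines():
        # RFC 2849 folding: a line starting with one space continues the previous one
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    values = []
    for line in lines:
        name, sep, rest = line.partition(":")
        if not sep or name.lower() != attr.lower():
            continue
        if rest.startswith(":"):  # "attr:: <base64>" means the value is base64-encoded
            values.append(base64.b64decode(rest[1:].strip()).decode("utf-8", "replace"))
        else:
            values.append(rest.strip())
    return values

def key_problem(value):
    """Return None for a well-formed '<type> <blob> [comment]' key, else the reason.
    Lines with a leading authorized_keys options field are not handled here."""
    fields = value.split()
    if len(fields) < 2:
        return "expected '<type> <base64-blob> [comment]'"
    key_type, blob_b64 = fields[0], fields[1]
    try:
        blob = base64.b64decode(blob_b64, validate=True)
    except ValueError:
        return "key blob is not valid base64"
    if len(blob) < 4:
        return "key blob too short"
    (n,) = struct.unpack(">I", blob[:4])  # blob starts with a length-prefixed type name
    if blob[4:4 + n] != key_type.encode():
        return "type inside blob does not match declared type"
    return None

# Constructed sample: an all-zero ed25519 test key, stored base64-encoded and folded
_blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
SAMPLE_KEY = "ssh-ed25519 " + base64.b64encode(_blob).decode() + " alice@example"
_enc = base64.b64encode(SAMPLE_KEY.encode()).decode()
SAMPLE_LDIF = ("dn: uid=alice,ou=people,dc=example,dc=com\n"
               "sshPublicKey:: " + _enc[:40] + "\n " + _enc[40:] + "\n"
               "sshPublicKey: ssh-rsa not-a-key\n")

if __name__ == "__main__":
    for v in ldif_values(SAMPLE_LDIF):
        print(key_problem(v) or "ok", "|", v[:40])
```

A value that fails here would also be rejected by sshd when it reads the key, so the check is worth running before debugging the server side.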