[prev in list] [next in list] [prev in thread] [next in thread]
List: sssd-users
Subject: Re: [SSSD-users] sss_ssh_authorizedkeys returns "Error looking up public keys"
From: Dmitri Pal <dpal () redhat ! com>
Date: 2013-03-25 16:05:45
Message-ID: 515075D9.9000801 () redhat ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On 03/19/2013 01:52 PM, Mathieu Lemoine wrote:
> Hello,
>
> I have sssd 1.9.4 (from
> https://launchpad.net/~nicholas-hatch/+archive/auth/+packages
> <https://launchpad.net/%7Enicholas-hatch/+archive/auth/+packages>)
> configured on an OpenLDAP server.
> getent passwd, getent group, authentication and cache is working great.
>
> My issue now lies with the SSH public key.
>
> My user has the ldapPublicKey objectClass, and the key is in the
> sshPublicKey attribute.
>
> sss_ssh_authorizedkeys is still returning "Error looking up public keys".
> An inquiry on the #sssd chan directed me to this mailing-list and more
> precisely to jcholast, I tried to check out the commits, but nothing
> seems to get out of it...
>
> If any of you had informations regarding that, it'd be greatly
> appreciated.,
> Mathieu.
See the slide deck attached.
I suspect the implimatation assumes ipa schema not the one you mention.
And the reason is that we have found other schemata limiting.
HTH
>
>
> _______________________________________________
> sssd-users mailing list
> sssd-users@lists.fedorahosted.org
> https://lists.fedorahosted.org/mailman/listinfo/sssd-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
[Attachment #5 (text/html)]
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 03/19/2013 01:52 PM, Mathieu Lemoine wrote:
<blockquote
cite="mid:CAOBEgJjB4+Wm2JKqX3Ky1dy_NgYOo3coamBNjxP0radMrosXow@mail.gmail.com"
type="cite">Hello,<br>
<br>
I have sssd 1.9.4 (from <a moz-do-not-send="true"
href="https://launchpad.net/%7Enicholas-hatch/+archive/auth/+packages">https://launchpad.net/~nicholas-hatch/+archive/auth/+packages</a>)
configured on an OpenLDAP server.<br>
getent passwd, getent group, authentication and cache is working
great.<br>
<br>
My issue now lies with the SSH public key.<br>
<br>
My user has the ldapPublicKey objectClass, and the key is in the
sshPublicKey attribute.<br>
<br>
sss_ssh_authorizedkeys is still returning "Error looking up public
keys".<br>
An inquiry on the #sssd chan directed me to this mailing-list and
more precisely to jcholast, I tried to check out the commits, but
nothing seems to get out of it...<br>
<br>
If any of you had informations regarding that, it'd be greatly
appreciated.,<br>
Mathieu.<br>
</blockquote>
<br>
See the slide deck attached.<br>
I suspect the implimatation assumes ipa schema not the one you
mention. And the reason is that we have found other schemata
limiting.<br>
<br>
HTH<br>
<br>
<blockquote
cite="mid:CAOBEgJjB4+Wm2JKqX3Ky1dy_NgYOo3coamBNjxP0radMrosXow@mail.gmail.com"
type="cite">
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
sssd-users mailing list
<a class="moz-txt-link-abbreviated" \
href="mailto:sssd-users@lists.fedorahosted.org">sssd-users@lists.fedorahosted.org</a> \
<a class="moz-txt-link-freetext" \
href="https://lists.fedorahosted.org/mailman/listinfo/sssd-users">https://lists.fedorahosted.org/mailman/listinfo/sssd-users</a>
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
<a class="moz-txt-link-abbreviated" \
href="http://www.redhat.com/carveoutcosts/">www.redhat.com/carveoutcosts/</a>
</pre>
</body>
</html>
["SSSD_OpenSSH_integration.pdf" (application/pdf)]
[Attachment #7 (text/plain)]
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic