[Freeipa-users] Private key management
Rob Crittenden
rcritten at redhat.com
Wed Apr 8 17:59:29 UTC 2015
Andrey Ptashnik wrote:
> Hello Team,
>
> I know that FreeIPA server supports management of public keys for each
> user and it is a very convenient feature.
> Are there any possible way to manage private keys as well including
> features like re-issuing the key pair if it gets compromised?
I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out
and AFAIK no plans to do this.
There are plans for a Key Recovery vault which can store a private key,
see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in
the case of compromise but it does mean that keys aren't lost.
rob
More information about the Freeipa-users
mailing list