[Freeipa-users] Private key management
Andrey Ptashnik
APtashnik at cccis.com
Wed Apr 8 18:38:09 UTC 2015
It looks like Vault is the functionality I was looking for.
Thank you Rob and Dmitri for your responses.
Regards,
Andrey
On 4/8/15, 5:59 PM, "Rob Crittenden" <rcritten at redhat.com> wrote:
>Andrey Ptashnik wrote:
>> Hello Team,
>>
>> I know that FreeIPA server supports management of public keys for each
>> user and it is a very convenient feature.
>> Are there any possible way to manage private keys as well including
>> features like re-issuing the key pair if it gets compromised?
>
>I assume you mean SSH keys. IPA doesn't issue keys, so re-issuing is out
>and AFAIK no plans to do this.
>
>There are plans for a Key Recovery vault which can store a private key,
>see https://fedorahosted.org/freeipa/ticket/3872 . This doesn't help in
>the case of compromise but it does mean that keys aren't lost.
>
>rob
>
More information about the Freeipa-users
mailing list