[Freeipa-users] Account/password expirations
Anon Lister
listeranon at gmail.com
Fri Apr 29 16:30:52 UTC 2016
Yep sorry I missed that. You need to put your public keys in IPA.
On Apr 29, 2016 3:32 AM, "Jakub Hrozek" <jhrozek at redhat.com> wrote:
On Thu, Apr 28, 2016 at 09:14:48PM -0400, Prasun Gera wrote:
> >
> > Your can still authenticate with SSH keys, but to access any NFS 4
shares
> > they will need a Kerberos ticket, which can be obtained via a 'kinit'
after
> > logging in.
> >
>
> Then how does the key authentication work if the .ssh directory on nfs4 is
> not accessible ? Doesn't the key authentication process rely on
> .ssh/authorized keys being readable by the authentication module ?
SSSD can fetch the authorized keys from IPA, see man
sss_ssh_authorizedkeys(1)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160429/9a362fcc/attachment.htm>
More information about the Freeipa-users
mailing list