[Freeipa-users] Not able to replicate user keys across master and client
Sumit Bose
sbose at redhat.com
Tue Jan 10 10:01:01 UTC 2017
On Tue, Jan 10, 2017 at 09:37:33AM +0000, nirajkumar.singh at accenture.com wrote:
> Hi Team,
>
> We have Created PPK key for the user on master FreeIPA server which is there in /home/user/.ssh/authorized_keys file.
>
> But the key are not reflecting in client machine.
>
> Please suggest so that authorized_keys file added automatically in client as soon as it gets created in master server.
You have to add the public key to the IPA user object with 'ipa user-mod
--sshpubkey=STR'. Then SSSD will take are on IPA client (and the
servers) that the key can be read by sshd with the
sss_ssh_authorizedkeys command. The needed configuration line
'AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys' in
/etc/ssh/sshd_config should be already added by ipa-client-install.
HTH
bye,
Sumit
>
> Thanks,
> Niraj
>
> ________________________________
>
> This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy.
> ______________________________________________________________________________________
>
> www.accenture.com
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list