ssh public keys and pam

Daniel Jacober daniel.jacober at gmail.com
Thu Oct 20 21:25:42 UTC 2005


Jason

Yes, that's exactly what I would like to do.
I would like to store the SSH public keys in an LDAP directory
instead of storing them locally.
Then I would like to authenticate against those keys. This way I could
control access to all our servers via LDAP.

I first tried to hack the pam_ldap module but I read about issues in a
newsgroup

http://www.opensolaris.org/jive/thread.jspa?threadID=614&tstart=15

Therefore I tried to make my own module. But I can't find a way to get
the public key into the pam-module. All I get is the password after
SSH pubkey authentication fails.

Any hint on this subject is greatly appreciated.

Regards Daniel

>
> I don't have experience working with ssh keys, but with PAM and
> LDAP. What exactly do you want to do? Use the SSH keys as
> authentication or something?
>
> Daniel Jacober wrote:
>
>> Eric
>>
>> Thanks for your hint, nevertheless I would like to get the public
>> key into the pam_module. Does anyone have experience with that?
>>
>> Regards Daniel
>>
>>
>>
>>> Here's what I'm trying to do: I would like to store my public
>>> keys centrally on an LDAP - Server and redirect public key
>>> authentication with PAM to the LDAP - Server.
>>>
>>
>>
>>
>> Sounds like you're looking for OpenSSH LDAP public key support.
>> There's a patch here:
>>
>> http://www.opendarwin.org/projects/openssh-lpk/
>>
>> -Eric
>>




More information about the Pam-list mailing list