Skip to Content.
Sympa Menu

comanage-users - [comanage-users] Challenges with SSH public keys

Subject: COmanage Users List

List archive

[comanage-users] Challenges with SSH public keys


Chronological Thread 
  • From: "Kevin M. Hildebrand" <>
  • To:
  • Subject: [comanage-users] Challenges with SSH public keys
  • Date: Fri, 7 Apr 2017 10:58:59 -0400
  • Ironport-phdr: 9a23:dYYKmRUoVo4Ym8QR8AUkbBse3fXV8LGtZVwlr6E/grcLSJyIuqrYYxCGt8tkgFKBZ4jH8fUM07OQ6PG+HzReqsnc+Fk5M7V0HycfjssXmwFySOWkMmbcaMDQUiohAc5ZX0Vk9XzoeWJcGcL5ekGA6ibqtW1aFRrwLxd6KfroEYDOkcu3y/qy+5rOaAlUmTaxe71/IRG3oAnLqsUbgIRuJ6QxxxDUvnZGZuNayH9yK1mOhRj8/MCw/JBi8yRUpf0s8tNLXLv5caolU7FWFSwqPG8p6sLlsxnDVhaP6WAHUmoKiBpIAhPK4w/8U5zsryb1rOt92C2dPc3rUbA5XCmp4ql3RBP0jioMKjg0+3zVhMNtlqJWuBKvqRJ8zYDJfo+aKOFzcbnBcd4AX2dNQtpdWi5HD4ihb4UPFe0BPeNAooXzolUBswW+BQiqBOjyzTFEnGL906870+QlDA7JwhcvH8gUv3TSsdr5OroZXOe2zKbW0zXDbvVW1Czg6IjNbx8tu++DUq9tccfIz0QkCgDLjk2IpIHkPD6ZzPoBvmaF4+Z6SO6ihGAqpxtyrzWg3ssglJXFi4YPxl3H9Sh12pg5KcC4RUJhY9OoDp1dvDyAOYRsWMMtWWRotT46yrIYvZ67ezAHx4o8xxHFdfCLaZWI4hf+W+qLIDd4nHJleLewhhqo7Uegzej8WtG10FZMsCVFjsHBu3EO2hDJ9MSKROVx8l281TuA2Q3f8OJJLE8smareMZEhw7owlpQJsUTEGy/7gEb2g7GIdkUl/Oil8PnnYrD7qZOGKYB7lxz+Prw0msOjGeQ4LhQOX2+D9Oug073j+Ff2QLNQgf05jKbVqY3aJd8Fqa6jGA9YyYIj6xekDze6y9QUg2MLLFNDeBKbkYfpIVfOL+7kDfuhmVijjipkx+2VdoHmV57KK3HFmbjsOKtm5lRH4As10d1F4Z9IUPcMLO+gdFX2sYmSLRInMgr85qCvKNR52o4UQ2uJDuXRZKDfr16Ozv8qL6+BaJJD62W1EOQs+/O71SxxolQaZ6T8hZY=

I'm using self-signup, LDAP provisioning, and also trying to manage SSH public keys.  The problem that I'm having is that the ldapPublicKey object class lists sshPublicKey as a required attribute.  So if I enable the ldapPublicKey object class in my LDAP provisioner settings, the provisioning of new users will fail since there's no way for them to initially provide their public key during enrollment.

Any thoughts on how to deal with this? 
1) modify the LDAP schema to make sshPublicKey optional
2) modify the LDAP provisioner to not include the ldapPublicKey object class if there are no SSH keys defined
3) modify the enrollment process to allow upload of SSH keys during sign up

It seems to me that even if (3) occurs, there may still be times where some users might not have SSH keys defined while others do.

Thanks,
Kevin

--
Kevin Hildebrand
University of Maryland, College Park



Archive powered by MHonArc 2.6.19.

Top of Page